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Configure the 
Bottom Line 


Software distribution and configuration 

management (SDCM) tools can save you 

a bundle in time and personnel costs and en- 

sure that your desktop user community is run- 
ning the right application set. But you need to look carefully at the 
vendors and take steps to avoid common pitfalls. 


TECH CHECK: Is totally hands-off desktop management finally here? 

COMPETITORS: Know the differences among SDCM tool vendors. 

CASE STUDY: Why policy decisions determined success at Telstra. 
Stories begin on page 24. 


HP HIT BY LOSS, DROP-OFF IN SALES 


have reported as a combined | 
company a year ago. 
During the third quarter, HP 
ran up more than $2.4 billion in | 
restructuring and other merg- | 
er-related expenses. Excluding | 
those charges, HP would have 


Results point to challenges | 
in wake of Compaq deal | 


BY JAIKUMAR VIJAYAN 
Hewlett-Packard Co.’s $2 bil- 
lion loss in its first postmerger | 


| Compaq Computer Corp., 


| in several critical 


quarter, amid weakened sales 
in several crucial areas 
of its business, under- 
scores the serious chal- 
lenges the company 
faces going forward, an- 
alysts said last week. 

HP reported revenue of $16.5 


billion for its fiscal third quar- | 


ter ended July 31, compared 


with the $18.6 billion it would | 


earned a profit of around $420 | 


million for that period. 
“Throughout our first 
100 days, we’ve kept 
our eye on the 
said HP Chairman and 
CEO Carly Fiorina. “We're hit- 


| ting our integration milestones 


and are on track to meet our 
second-half targets.” 
Even so, the results, which 
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after HP an- 
acquire 
re- 
veal a disconcerting slowdown 
areas, 
Paul McGuckin, an analyst at 
Gartner Inc. in Stamford, Conn. 
“The performance of the en- 
terprise 
cially was very disappointing,” 
McGuckin said. 
Combined company 


come one year 
nounced its plan to 


said 


storage equipment, declined 
22% compared with the same 


period last year, to $3.8 billion. | 


HP blamed the decline 
sluggish IT spending world- 
wide and aggressive competi- 


on 


tive discounting. 
But McGuckin said HP’s 
problem is also reiated to a 


specific weakening of demand | 


HP Loss, page 14 


systems group espe- | 
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Low-power mobile CPUs do more with less. 
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USERS CAST. 
WARY EYE AT 
WEB SERVICES 


| IT managers are interested but ' worry 
about immature standards, lack of skills 


| BY CAROL SLIWA 
| BOSTON 


| IT professionals on an 


| ploratory mission at last week’s | 
| XML Web Services One con- | 


| ference here expressed keen 
| interest in testing out new 
| technologies to address some 
of their most painful applica- 

| tion integration headaches. 
But their interest was tem- 
pered by a variety of concerns, 
including immature and some- 
times overlapping standards, 
| the potential for differing im- 
plementations of those stan- 


dards by vendors and a dearth | 


of skills at some companies to 

build Web services that use 

standard Internet technologies 
| such as XML and the Simple 
Object Access Protocol to link 
disparate applications. 


standards arms race,” said Chet 


| Ensign, senior director of archi- 
ex- | 


tecture and development ser- 
vices in the Newark, N_J., office 
of LexisNexis Group. “That’s 
what the world does not need.” 

One ray of hope for atten- 
dees such as Ensign was a day- 
long joint presentation by two 


| of the groups working on key 


Web services standards — the 
World Wide Web Consortium 
and the Organization for the 
Advancement of Structured 
Information Standards. But 
even though the cooperative 
spirit was encouraging, some 

Web Services, page 53 


ONLINE INTERVIEW 

Aco-author of key Web services specs 
says wait before traversing fire- 
walls: QuickLink 32576 


reve- | 
nue in that unit, which is re- | 
sponsible for HP’s server and | 


| BY DAN VERTON 


| began putting the final touches 


“My nightmare would be a 


FEDS PLAN CYBERSECURITY CENTER 


The plan, which is sched- 
uled to be released Sept. 18 
during a ceremony at Stanford 
University, does include a pro- 
vision to build a cybersecuri- 
ty network operations center. 
a published report 

that the NOC 
collect and examine 


White House denies it’s 
looking to monitor data 


WASHINGTON 
As the White House last week | However, 
suggesting 


on its long-awaited National | would 


Plan for Protecting Cyber- 
space, administration officials 
took issue with a press report 
that suggested the plan would 


include provisions to expand | 
the government’s data collec- | 


tion and surveillance. 


e-mail and data traffic from 
major Internet pro- 
viders and other private-sector 
companies is misleading and 
inaccurate, said Tiffany Olson, 
an assistant to Richard Clarke, 

Cybersecurity, page 16 
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OUTSOURCING OVERHAULS 


Renegotiating outsourcing contracts can 
} benefit both the user and the vendor. Johns 
i Manville’s Tom Rideout (left) describes the 
hurdles he encountered getting his company 
and its service provider to the table. PAGE 40 


NEWS 6 


6 Cost-conscious IT managers 
are asking for midrange disk arrays 
with high-end features, and storage 
vendors are delivering them. 


6 IBM plans to stop selling its 
OS/390 mainframe operating sys- 
tem in December, but the company 
will offer a two-step migration to 
its 64-bit z/OS software. 


7 Novell’s new version of its ZEN- 
works desktop PC management 
software doesn’t require users to 
install a NetWare client. 


8 Beset by losses, Caldera is 
changing its name and re-empha- 
sizing its SCO Unix software. 

14 Hewlett-Packard introduces 
dual-Pentium blade servers and 
says it plans to add four-processor 
models in the first quarter of 2003. 
For the latest news, updated twice daily, visit 


x QuickLink: a1510 
www.computerworld.com 





BIG DEALS IN 
FLAT SCREENS 


With their prices plummet- 
ing, it’s time to take another 
look at flat-panel displays. 
In this week’s Hands On, 
we review Planar’s whop- 
ping 23-in. model and an 
18-in. monitor from Sharp 
with outstanding color. 
PAGE 32 
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TECHNOLOGY 23 


23 Nicholas Petreley says Micro- 
soft’s monolithic architectures 
make its products prone to holes. 


24 Field Report: Software distrib- 
ution and configuration manage- 
ment tools can orchestrate a num- 
ber of vital tasks, but managing 
such systems is far from simple. 


26 Steelcase turns to a learning 
tool from OutStart to help train its 
workers in SAP. 


30 Emerging Technologies: New 
processors reduce the power re- 
quirements of mobile computing 
while boosting performance. 


34 QuickStudy: File systems orga- 
nize and track files and associated 
metadata stored on disk drives. 


36 Security Journal: A rollout of 
password-locked screen savers 
seemed to go over well at Vince 
Tuesday’s company — but it took 
directory-based policy enforce- 
ment to really make the rules stick. 


MANAGEMENT 39 


39 John Berry says that imple- 
menting economic value-add 
metrics can motivate CIOs and 
IT managers to think differently 
about their investments. 


42 IT managers are marketing IT 
within their companies in an effort 
to win buy-in from business users. 


44 Some IT managers use pres- 
sure as a management technique, 
thinking it will spur creativity. But 
research conducted by doctoral 
student Constance N. Hadley at 
Harvard Business School indicates 
that the opposite may be true. 


46 Career Adviser: Fran Quittel 
counsels a reader interested in 
RFID, and a security professional 
who’s trying to create a new top- 
level position at his company. 


46 Workstyles: Capital One’s 
Eric Davis says the performance 
bar in his IT department is pretty 
high, but the work is definitely 
rewarding. 


Patricia Keefe predicts that an 
impending government report on 
cybersecurity will include a call for 
corporate IT to join Uncle Sam’s 
battle against online invaders. 


Pimm Fox lays the blame for 
Agilent Technologies’ ERP fiasco 
not on the vendor, but on business 
managers enamored with flashy 
desktop dashboards at the expense 
of proven business processes. 


David Foote says the future for 
information security professionals 
will be a bright one. And he has the 
statistics to prove it. 


Frank Hayes also looks at the 
future of IT work, but he thinks the 
best opportunities will be for those 
who can deal with the major trans- 
formation that lies ahead for both 
IT and business. 


Editorial/Letters 
How to Contact CW 
Company Index 
Shark Tank 
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DO'S AND DON'TS 


After reading “Tooting Your Own 
Horn” on page 42, go online for 
some tips on how best to promote 
IT within your organization. 


QuickLink: 31263 


EMERGENCY TEST 


A public-safety wireless data net- 
work being built in the Washing- 
ton area to help officials share crit- 
ical data during disasters could 
serve as a model for other com- 
munities across the U.S. 


QuickLink: 32561 


COMPREHENSIVE 
TECH BRIEFS 


Find the information you need on 
choosing, implementing and man- 
aging technology. Visit the Com- 
puterworld store online to pur- 
chase comprehensive Executive 
Briefing reports on security, stor- 
age, ROI and other topics. 
QuickLink: a2420 


WHAT'S A QUICKLINK? 


e On some pages in this issue, 
you'll see boxes with this ar- 
row icon. They mention QuickLink 
codes that point to additional, re- 
lated content on our Web site. En- 
ter that code into our QuickLink 
box online, which you'll see at the 
top of each page on our site 

Use QuickLinks to see related 
stories, discussion forums, re- 
search links, archives and more. 
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Hershey Completes 
SAP System Upgrade 


Hershey Foods Corp., which en- 
countered major problems on its 
initial rollout of SAP AG’s R/3 and 
other business applications in 1999, 
said it has successfully upgraded to 
the Web-enabled mySAP.com ver- 
sion of the enterprise resource plan- 
ning software. The Hershey, Pa.- 
based company said the upgrade 
was completed in 11 months and 
came in 20% under budget, without 
disruptions to its customers. 


Microsoft Readies 
First XP Service Pack 


The first service pack update to 


Windows XP is due to be released to | 


manufacturing by early next week, 
said Charmaine Gravning, a Win- 
dows product manager at Microsoft 
Corp. The company needs to make 
the set of bug fixes and feature up- 
grades available to users by Nov. 6 
in order to comply with its proposed 
antitrust settlement with the U.S. 
Department of Justice. 


Ericsson Weighs 
Plan to Outsource IT 


Stockholm-based LM Ericsson Tele- 
phone Co. said it may outsource IT 
as part of a restructuring aimed at 
cutting costs. A spokeswoman said 
the maker of mobile telephone 
handsets and other products is 
looking for an outsourcer to take 
over its global IT operations, which 
have about 4,000 employees. 


Global Server Sales 


Off Sharply in Q2 


IDC in Framingham, Mass., and 
Gartner Inc.’s Dataquest Inc. unit in 
San Jose both said worldwide serv- 
er shipments fell by more than 10% 
year over year in the second quar- 
ter. IDC said total sales dropped 
from $12.6 billion in 2001 to $10.5 
billion. Dataquest said sales went 
from $11.6 billion to $10.1 billion. 








NEWS 


Midrange Storage 
Market Booming 


Demand grows as 
budgets tighten and 
products get better 


BY LUCAS MEARIAN 
N THE MIDST of contin- 
ued corporate IT belt- 
tightening, storage ven- 
dors are fighting one an- 
other over sales in the 

burgeoning midrange market 

as users look for small but pow- 
erful disk arrays that can cen- 
tralize their storage and scale 


| across distributed networks. 


EMC Corp., Network Appli- 
ance Inc., Hitachi Data Sys- 
tems Corp., Hewlett-Packard 


| Co. and Brocade Communica- 


tions Systems Inc. are all ex- 
periencing sales upticks from 


| the midmarket, according to a | 


report issued last month by 


| Clinton Vaughan, an analyst at | 
| Salomon Smith Barney Hold- 
| ings Inc. in New York. 

| Asa result of the shift in de- | 


mand, vendors such as EMC 
and Hitachi are rushing to 


IBM to Stop 0 


Offers ‘bimodal 
migration’ support 
for move to z/OS 


BY JAIKUMAR VIJAYAN 
Mainframe users still stuck 
on IBM’s previous-generation 


| OS/390 operating system now 
| have a compelling reason to | 
| switch 

IBM will stop new sales of the | 


to the current z/OS: 
OS/390 Dec 17. 

After that 
will no longer be able to order 
the OS/390, said Pete McCaf- 
frey, an IBM director. The com- 
pany will continue to support 
the 3]-bit operating system at 


date, customers 








= Modular midrange arrays 
typically have no more than 
two RAID controllers. But they 
can be coupled together or recon- 
figured with additional storage 
more easily than high-end arrays. 
@ Midrange arrays cost about 
5 cents per megabyte, half the 
price of high-end arrays, said 
Enterprise Storage Group analyst 
Arun Taneja. But they now include 
high-end features like data snap- 
shot and remote mirroring tools. 


pump up the performance of 
their “modular” midrange prod- | 


ucts and scale down their high- 
end to better fit 
needs of departments and mid- 
market companies. 


arrays 


For example, Santa Clara, | 
Calif.-based Hitachi plans to | 
introduce later this year a new | 


storage array that will use its 


| high-end Lightning 9900 V Se- | 


ries architecture but will be 
targeted at the midmarket. The 


device will offer higher perfor- | 


/390 Sales 


least through September 2004, | 


he added. 

IBM’s announcement comes 
roughly 18 months after it 
started shipping the 64-bit 
z/OS along with its zSeries 
mainframes in March 2001. 

The move should come as 


no surprise to users, McCaf- | 


frey said. “We've told cus- 
tomers all along that this is 


what we will be doing. All we | 
did now was to essentially re- | 
mind them that time was run- | 


ning out,” he added. 


To ease the migration froma | 
31-bit environment to a 64-bit | 


one, IBM is offering OS/390 
customers a “bimodal migra- 
tion program.” 


Under the program, 


the | 


users | 


mance than the Thunder 9200 
array, a scaled-down version 
| of Hitachi’s Freedom Storage 
| Lightning 9900 box, which was 
released last year. 

EMC last month added a 
CX600 model to its Clariion 
midrange product line that tar- 
gets the upper levels of the 
midmarket and departmental 
sector [QuickLink: 32019]. The 
Hopkinton, Mass.-based com- 
pany also plans to build a 
scaled-down version of its high- 
end Symmetrix array that will 

be positioned above the CX600, 
| executives said. 

Because of software ad- 
vances on midrange devices, 
IT managers “can achieve a 
heck of a lot of performance 
from a modular system at a 
much better price” than they 
would pay for high-end arrays, 





Enterprise Storage Group Inc. 
in Milford, Mass. (see box). 
Lev Gonick, CIO at 
Western Reserve University 
in Cleveland, is using EMC’s 


Case 


attached PC storage for storing 


| who move to z/OS on a zSeries 
machine can run the operating 
system in 31-bit mode for six 
months before being required 
to operate it in full 64-bit mode. 

The program reverses an 
IBM policy that mandated that 
users run z/OS only in full 
64-bit mode on zSeries main- 
frames. Currently, the OS/390 


We 


IBM’s 
Bimodal z/OS: 


® Lets users return to 31-bit mode 
if there are problems in migrating 
to 64-bit operations. 





month period on 
each z/Architecture server beginning 
when 2/OS is licensed to the server 


® Doesn't extend support to those 
functions previously announced as 
requiring 64-bit zSeries hardware. 


said Arun Taneja, an analyst at 


CX600 to upgrade from direct- | 
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digital images and research 
data that the shares 
with other academic and cul- 
tural institutions in the city. 

Gonick considered a high- 
end array but last month chose 
to install two CX600s. The ar- 
rays are part of a STB storage- 
area network that cost $1.2 mil- 
lion but will let Case Western 
reduce its storage administra- 
tion staff from 20 full-time 
employees to three, he said. 

“We now have a sweet spot 
in price/performance for the 
core speeds and feeds we're af- 
ter,” he said. “But perhaps 
more importantly, it was our 
estimation that we’ve got, for 
the first time ever, intelligent 
software ... which many of us 
have been waiting for.” 

Bob Schultz, vice president 
of marketing solutions for net- 
work storage at HP, said his 
company has been hawking 
modular arrays for four years 
and is seeing greater traction 
in that market. “We see cus- 
tomers who previously were 
buying monolithic storage mov- 
ing to a modular architecture,” 
he said. D 


school 


STORAGE DOWNLOAD — 


For extensive coverage of storage tech 
nologies and issues, visit our Storage 
Knowledge Center 


QuickLink: k1700 
www.computerworld.com 


can run on zSeries hardware in 
31-bit mode. 

Going forward, IBM will also 
introduce new releases of its 
mainframe operating systems 
only once a year instead of 
twice annually, as is the cur- 
rent practice, McCaffrey said. 
| The change is being made be- 
cause mainframe users have 
typically tended to upgrade 
their operating systems on 12- 
to 18-month cycles, he said. 

Mike Kahn, an analyst at The 
Clipper Group Inc. in Welles- 
ley, Mass., said the move is 
probably also the result of IBM 
trying to improve quality and 
| cut the costs involved in re- 
freshing its mainframe operat- 
| ing systems. 

“It costs IBM a lot of money 
to introduce new features and 
qualify each new release,” 
he explained. D 
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NEWS 


ZENworks Upgrade Drops Need for NetWare Client on PCs 


Novell looks to open up its desktop 
management software to Microsoft shops | 


BY MATT HAMBLEN 
Novell Inc. began shipping 
Version 4 of its ZENworks for 
Desktops management 
ware last week, with an impor- 
tant improvement that makes 
the product no longer depen- 
dent on a Novell NetWare 
client to manage workstations. 
The new version can also be 
combined with Novell’s ZEN- 


soft- 


works for Servers and ZEN- | 


works for Handhelds products 
to give network administrators 
a view of a company’s entire 
user realm of desktops and 


mobile devices from a single | 


console. That should make it 
simpler to monitor the systems 


lysts noted. 

Users welcomed the news. 
Allina Hospitals & Clinics in 
Minneapolis plans to roll out 
Version 4 in parallel with a 
planned Windows XP deploy- 
ment to 10,000 desktop PCs, 
Jeffrey Smith, a senior 
LAN analyst at the company. 


said 


@A story in our Aug. 12 issue 
[EMC Adds Disk Array to Speed 
Midrange Storage”), as well as a 
text box that accompanied the 
story, misstated the maximum 
bandwidth of EMC Corp.'s new 
CX600 storage device. The array 
is capable of transmitting data 
at a rate of up to 1.3GB/sec. and 
includes twice as many data 
ports as a rival product made 
by Hewlett-Packard Co. 

= Astory on Intel LANDesk 
Mobile Manager in our Aug. 28 
issue misidentified a Gartner Inc. 
analyst. The correct name of the 
analyst is Ronni Colville. 


@ Also in the Aug. 28 issue, a 
story on IBM mainframe pricing 
included an incorrect title for Rob 
McCurley of AFLAC Inc. He is 
a second vice president in 
AFLAC’s IT department. 


| SQL Server instead,” 
and update applications, ana- | 


‘SBC Offers to Manage 


| isn’t new, 





| Allina has used Version 2 of 


ZENworks since a Y2k readi- 


ness project in 1999 and has | 
found it “absolutely essential” | 


in distributing up to 700 appli- 
cations to desktops since then. 


“In health care, there are con- | 


tinual upgrades,” Smith said. 


Allina will also be consider- | 


ing ZENworks for Handhelds, 


since mobile computing is gain- | 
ing importance, but at this point 
Smith is more interested in the 


open nature of Version 4. “Pre- 


vious versions forced you to | 
use the Novell inventory data- | 


base system, and now we 


can 


aim this inventory to Microsoft | 


he said. 


PLE aisle ee) 


ZENworks for 
Desktops 4 


AVAILABLE through Novell 
resellers for $69 per user 


INTEGRATES with Microsoft 
Active Directory and Windows 
NT domains 


INCLUDES Wise InstaliTailor 
from Wise Soiutions Inc. to 
simplify the software installation 
process by customizing Micro- 
soft Installer 


While Allina roughly 
three times as many Microsoft- 
based servers as Novell-based 


has 


| not use what we have?” 


been 


| acquires companies that 


| Version 4 
| accurate, 


ones, Smith said he wants to | 
deed the case. 


hold onto Novell’s eDirectory. 
“EDirectory stable, 
why reinvent the wheel? Why 


is so 


Network Quality of servic 


BY MATT HAMBLEN 
SBC Communications Inc. 


| week announced a managed 
| quality-of-service (QOS) pro- 


gram designed to give corpo- 
rate IT managers a clearer pic- 
ture of their data, 
video network traffic so they 


voice 


serve 
last | 


and | 


can allocate bandwidth to im- | 


portant applications. 


The idea of network QOS 


but users and 
lysts said having the capability 
offered as a service by a major 


ana- | 


network operator is. San Anto- | 
nio-based SBC is teaming up | 


on the service with Waltham, 
Mass.-based Sitara 
Inc., which makes a network 


Networks | 


| traffic management server that | 


will be installed between a cus- 


tomer’s WAN egress routers 
and LAN switches. 


SBC said it will work with 


users of the service to priori- | 


fic on their networks and ad- 
just those settings in the Sitara 


| server as needed (see box). For 


example, a company could re- 


tize the different kinds of traf- | 


} 


| 


bandwidth every 


so | 


he said. 


Matthew Krieger, assistant 


director of global network ar- 


services at The 
Digest Association 
in Pleasantville, N 
a beta tester of Version 4, 
and has Version 3 installed on 


chitecture 
Reader’s 


Inc. Y., has 


4,000 desktops in 19 countries. | 


The open nature of Version 4 
will let the publisher deploy 


Ware client as Reader’s Digest 
are 
pure Microsoft shops, he said. 
Krieger said reports calling 
“clientless” are in- 
because client soft- 
ware that comes with ZEN- 
works still needs to be installed. 
Analysts confirmed that is in- 


ZENworks 3 has been used 
for massive software deploy- 


| QOS settings for customers, 


| Moore 


But data and 
communications man- 


noted. 
voice 


| agers inside a company often 
| disagree on which traffic should 


| get priority, 


Mon- | 


day morning for a video or au- | 


dio presentation by its CEO, 
while giving 


lower priority at | 


that time to WAN traffic such | 


as e-mail and file transfers. 
Bill Moore, telecommunica- 


tions manager at the Museum | 


of Modern Art in New York, 
said that even though he isn’t 
an SBC customer, he’s 
pressed by the concept 


tractive to explore,” 


“The ongoing monitoring com- | 


ponent makes a lot of sense.” 
The museum is building a 


new facility that’s due to open | 


2004, 


voice 


in late 
install over IP (VOIP) 
technology the 500 end 
users who will work there. A 
service that regulates network 
traffic to give sufficient prior- 
ity 
certain times would be helpful, 
Moore said. 

Almost 
working 


for 


to voice transmissions at 


net- 
VOIP 


every major 


vendor sells 


gear and will initially establish | 


and it plans to |} 


Outside 
input from “impartial” SBC en- 
gineers could help resolve the 
differences, he added. 


he said. 


Moore is also president of 


New York-based Communi- 
cations Managers Association 
Inc., a user group of telecom- 
munications and data network 


managers at 75 companies in | 
He said he ex- | 
| pects other network operators | 
im- | 
“It’s a | 
| service that would be very at- 
he said. | 


the Northeast. 


to soon offer services similar 
to SBC’s. VOIP is “so packet- 
loss intolerant that QOS is the 
whole ballgame,” he said. 


SBC's New Offering 


HOW IT WORKS 


ments at Reader’s Digest, 
bringing the time required for 
such down from 
weeks to one or two days. “The 
reality is that we couldn’t sur- 
vive without this product,” 
Krieger said. 

Ronni Coiville, an analyst at 
Stamford, Conn.-based Gartner 
Inc., said it was “critical” for 
Novell to do away with the 
NetWare client. “It had been an 
impediment for them. Since 
Version 4 non-Net Ware 


processes 


is a 


| client, Novell might get more 
ZENworks without the full Net- | 


acceptance in pure Microsoft 
shops where there has been no 
Novell,” Colville said. 

Novell’s directory approach 
is “more mature” than what 
Microsoft offers, she added, 
giving Microsoft users an in- 
centive to consider Novell. D 


MORE ABOUT ZENWORKS — 


For an in-depth look at ZENworks and other 
oftware distribution and configuration 


anagement tools, turn to PAGE 24. 


But a telecommunications 
manager at a New England- 
based insurance company dis- 
missed the managed service 
idea. The manager, who asked 
not to be named, said his com- 
pany would never trust a car 
rier to gain access to its net- 
work in the way SBC intends. 

Michael Harris, an analyst 
at Gartner Inc. in Stamford, 
Conn., said the SBC service “is 
innovative and may offer inter- 
esting ways to manage traffic.” 
But, he added, “it’s unclear to 
me that SBC will do a tremen- 
dous business with this.” Some 
IT managers will likely contin- 
ue to solve bandwidth con- 
straints by simply adding an- 
other T1 pipe, Harris said. D 


= SBC evaluates a customer's network traffic for several weeks and 
helps the company prioritize its data with ratings of “critical,” “important” 


or “best effort.” 


= The settings are stored in the Sitara server and used to regulate 
traffic. The server sends reports to a secure Web site every 15 minutes, and 


adjustments can be made as needed. 
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PRICING 


# List pricing for the service on a full T1 connection includes a $4,000 
setup charge and a monthly fee of $500. For a fractional Ti connection, 
the prices are $3,000 and $410, respectively. 








NEWS — 


Caldera Pushes SCO Unix to 
orefront in Turnaround Bid 


Struggling software vendor renames itself 
SCO Group, aims to regain user loyalty 


BY TODD R. WEISS 
N A BID TO STOP a series 
of losses, Caldera Inter- | 
national Inc. — known | 
primarily as a Linux soft- 
ware and services ven- | 
dor — last week said it plans to 
focus more attention on the 
once-lucrative SCO Unix busi- 
ness it bought two years ago. 

Lindon, Utah-based Caldera 
said it plans to change its name 
to The SCO Group Inc. to take 
advantage of the SCO name, | 
which is familiar to IT man- | 
agers who still use the low-end | 
Unix software. 

Caldera acquired the SCO 
Unix technology along with | 
The Santa Cruz Operation | 
Inc.’s services division in late 
2000. But the firm has been hit 
hard during the past 12 months 
by weak sales and layoffs (see 
box). Last week, it reported a 





$4.5 million net loss on revenue 
of $15.4 million for its third 
quarter, which ended July 31. 

Reg Broughton, senior vice 
president of worldwide opera- 
tions at Caldera, said the com- 
pany will continue to support 
both Linux and SCO Unix and 
add new programs to help re- 
sellers expand the Unix soft- 
ware’s market share. 


New Management 

The name change and strate- 
gy overhaul comes two months 
after co-founder and CEO Ran- 
som Love left the company and 
was replaced by outsider Darl 
McBride [QuickLink: 30943]. 

“Now, with a new CEO and 
a new economy, we need to 
invigorate the company,” said 
Broughton. 

That may not be easy. For 
example, two longtime SCO 


Unix users said they think the 


| new strategy is a good one but 


that it comes too late for their 
companies — both of which 


Tom Pratt, the information 
systems manager at Coastal 
Transportation Inc. in Seattle, 
said service and support im- 
proved after Caldera took over 
the SCO divisions. 

But the shipping company is 
now migrating to Red Hat Lin- 
ux, Pratt said. The motivators, 
| he added, include rising licens- 
ing costs for SCO and the need 
to pay for special developer 
editions to build applications. 

Roland Priest, a Unix ad- 
ministrator at The Pep Boys, a 
Philadelphia-based auto parts 
retail chain, said returning to 
its Unix roots should help Cal- 
dera retain its strongest cus- 
tomers. But Pep Boys is re- 
placing SCO Unix with IBM’s 
| AIX operating system so it can 





by IBM. 


| “The path has already been | 


CALDERA’S STRUGGLES 


September 
2001 
Caldera lays off 8% 
of its workers in effort 
to stem losses. 


BY MATT HAMBLEN | 
Cambridge, Mass.-based Data- 
Power Technology Inc. last | 
week released XML accelera- | 
tion hardware, the latest entry 
in a nascent market for special- | 
ized devices that can efficient- 
ly process XML messages. 
According to DataPower, the 
XA35 XML Accelerator starts | 
at $55,000. The XA335 is a disk- 
less networking appliance that 
is designed to off-load XML 
processing from general-pur- 


The company cuts 

another 15% of its 

workforce as sales 
continue to lag. 





pose servers. 


May June 


Joshua Walker, an analyst at 
Forrester Research Inc. in Cam- 
bridge, Mass., said similar de- 
vices are being offered by other 
start-ups, such as Sarvega Inc. 
in Burr Ridge, IIl., and Dallas- 
based XBridge Software Inc. 

Hemscott PLC in London 
is one of DataPower’s beta 
testers. The provider of finan- 
cial information began using 
XML two years ago to post 
news about large European 
companies in an Oracle Corp. 
database for Web distribution, 


CEO Ransom Love 


departs to head 


August 
Caldera revives SCO 
name and re-empha- 

sizes Unix roots. 


Networking Devices Look to Speed XML Use 


but Stephen Roche, Hemscott’s 


the data transformation proc- 
ess was too slow. 

In some cases, it would take 
as long as 25 seconds to con- 
vert data so the information 
could be sent to Hemscott — 
performance that Roche said 
was not acceptable. 

Roche installed a test model 
of the XA35 six months ago and 
said it has reduced the data 
transformation time to approx- 
| imately 1 second.D 





plan to shift to different oper- 
| ating systems. 





use more robust servers made | 


chief technology officer, said | 





set,” Priest explained. 

Unix software and services 
represented “really the only vi- 
able business model” Caldera 
had, said George Weiss, an ana- 
lyst at Gartner Inc. in Stam- 
ford, Conn. The decision to 
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focus more heavily on those 
offerings could help the com- 
pany regain the loyalty of some 
users, he added. 

But according to Al Gillen, 
an analyst at IDC in Framing- 
ham, Mass., the changes at Cal- 
dera are mostly being made on 
the surface. 

“They’re trying to regain the 
momentum that SCO had, but 
that’s going to be hard to do,” 
Gillen said. “The momentum 
they’ve had in the last few 
years has been downhill.” D 





Documentum Preps Updated 
Content Management Tool 


Version 5 adds 
ease-of-use features, 
collaboration aids 


BY TODD R. WEISS 
Documentum Inc. next week 
plans to announce a new ver- 
sion of its namesake content 
management software that in- 
cludes features aimed at mak- 
ing it easier for corporate users 
to organize key business data. 
Documentum 5 is due to be 
launched at the 
Calif.-based vendor’s user con- 


Pleasanton, 


ference in Orlando. The Doc- | 


umentum software competes 
with tools from vendors such 
as IBM, Costa Mesa, Calif.- 
based FileNet Corp., Toronto- 
based Hummingbird Ltd. and 
Waterloo, Ontario-based Open 
Text Corp. 

Lubor Ptacek, director of 
product marketing at Docu- 
mentum, said the upgrade 
should be easier to use and will 
provide improved project col- 


laboration tools and new trust- | 


ed content features designed 
to support encryption, single 
sign-on and digital signatures. 
Pricing will average between 
$300,000 and $350,000, he said. 
John Koerwer, the design au- 
tomation manager at The BOC 
Group PLC in Windlesham, 
England, said the new ease-of- 
use features coming in Docu- 
mentum 5 will be a welcome 


| addition to a good product. 


| Documentum 
5’s Features 


= Easier to develop and deploy user 
interfaces 


® Expanded collaboration tools for 
project teams 


= Improved features for regulatory 
compliance reporting 


@ Support for more types of data, 
including images and Web content 


BOC Group, which makes 
industrial gases and other 
products, uses Documentum’s 
current Documentum 4i soft- 
ware in 1,000 facilities across 
22 countries. The content man- 
agement software lets the com- 
pany catalog data so it can be 
found at a moment’s notice 
anywhere it’s needed, Koerner 
said. The upgrade should make 
it easier to create customized 
user interfaces, he added. 

Wayne Aiello, vice president 
of e-business services at Cor- 
porate Express Inc. in Broom- 
field, Colo., said he expects 
to be able to deploy Documen- 
tum 5 to users at the office sup- 
ply company without requiring 
costly software training. 

“Documentum has always 
been chock-full of features, 
but the user interface required 
training,” Aiello said. “Look- 
ing at what they’ve done [in 
the new release], it’s a lot more 
| user-friendly.” D 
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Tun Utilities Go Back to Basics 


Sun Predicts Loss, 
Flat Sales for Quarter 


Sun Microsystems Inc. said it con- 
tinues to expect a “slight loss” for 
its first quarter, which ends Sept. 
30. The company added that rev- 
enue will likely be similar to the 
$2.86 billion figure it reported for 
last year’s first quarter. “We have 
not seen any improvement in the 
current IT spending environment,” 
said Stephen McGowan, Sun’s chief 
financial officer. “Some would say it 
might actually be worsening.” 


With tight IT budgets, focus is on core 


customer service and operational systems 


BY THOMAS HOFFMAN 
AS AND ELECTRIC 
utilities are 
ing a decidedly 
back-to-basics ap- 


| American 


tak- | 


proach to priori- | 


tizing their IT investments. 


The post-Enron effect of tum- | 


bling credit ratings, 
battered stock prices 
and lower energy trad- 


| ing volumes has led 


Windows Certificates | 
Vulnerable to Attack 


many firms to tighten 


their IT purse strings and fo- | 
cus on enhancing systems that 


support customer service and 


| core operations. 


Microsoft Corp. warned that attack- 
ers could remotely corrupt or delete 
digital certificates stored on sys- 
tems running most versions of Win- 
dows due to a flaw in an ActiveX 
control used to request new certifi- 
cates via the Web. The software 
vendor gave the vulnerability its 
highest severity rating and advised 
Windows users to install a new 
patch designed to fix the problem. 


Oracle to Release 
Licensing Guide 


Oracle Corp. said a promised guide 
to its software licensing policies will 
be made available for download 
from its Web site this week. The 


40-page Software Investment Guide | 


consclidates information that previ- 
ously was in separate documents. 
Oracle, which has faced criticism 
over some of its licensing policies 
this year [QuickLink: 28298], said 
the new guide should answer most 
questions users have about pricing. 


Short Takes 


IBM said it acquired Glen Ellyn, Ill.- 
based TRELLISOFT INC., a develop- 
er of storage resource management 
software, for an undisclosed price. 
... CISCO SYSTEMS INC. said it’s 
adding a series of security-related 
hardware modules to its Catalyst 
6500 Series switches. 


| dent of 


“It’s a perfect storm sce- 


| nario” that’s leading utilities to 
| focus on fundamental IT proj- | 


ects, said Terry Ray, vice presi- | 


energy 


| strategies at Meta Group Inc. 
| in Boston, 
published a report on North 


which last week 


information | 


energy utility IT 
spending trends. 


According to the 


cision-makers, this is the first 
time in four years that 


faster than 
As utilities 


improving their core | 


operations, the study 


said, most of the dis- | 


cretionary IT investments are 


being made in the following ar- | 
eas: transmission and distribu- | 
|} tion, energy trading and risk | 
| management, generation and | 
supply, collaborative customer | 
relationship management, and | 


energy management. 


Utilities “are seeing continu- | 


| ous change and uncertainty, 


and that 


they’re going to spend,” said Jim 


has 


iT Awaits Standard Market Design Criteria 


There’s a regulatory movement 
afoot that could significantly im- 
pact IT project prioritization by 
utilities in 2003 and beyond. 

In late July, the Federal Energy 
Regulatory Commission (FERC) 
announced a series of sweeping 
changes to the wholesale electric- 
ity market aimed at fostering com- 
petition, building more efficient 
transmission systems, improving 
reliability, creating more customer 
options and reducing costs. 

Although several independent 
system operators (ISO) have 
cropped up to form regional 
wholesale electricity markets over 
the past decade of industry dereg- 
ulation, FERC is trying to create a 
more competitive national market 
for wholesale electricity under the 
so-called Standard Market Design. 

At present, ISOs in areas such 
as California, New York, New Eng- 
land and the mid-Atlantic region 
are upgrading their IT infrastruc- 
tures with real-time information 
systems “to manage real-time mar- 
kets and transactions for pricing 


| 





power and transmission,” said Jim 
Walker, an analyst at Forrester Re- 
search Inc. Under the Standard 
Market Design, utilities will have to 
interconnect their generation, 
transmission and distribution sys- 
tems to ensure the smooth flow of 
power from generating stations to 
consumers across geographies, he 
said 

FERC will be gathering feed- 
back from industry participants 
through mid-October. In Decem- 
ber, it's expected to issue a ruling 
that will include data, software 
and cybersecurity provisions. Un- 
der the current FERC proposal, 
public utilities that own, operate or 
control interstate transmission fa- 
cilities will have to file an imple- 
mentation plan that complies with 
the regulations by July 31, 2003 

However PG&E CIO Roger 
Gray said if FERC ordered “funda- 
mentally different business proc- 
esses” than what's in place under 
the California ISO, “that would 
have a huge business impact.” 

- Thomas Hoffman 


study, | 
which is based on responses | 
from 43 energy industry IT de- | 


IT | 
spending has failed to grow | 
revenue. | 


focus on | 


affected how | 
| billing systems and customer 
| service systems,” he added. 

| The back-to-basics approach | 
| seems to map with what energy 
| IT leaders say they’re focusing | 
on through this year and into | 
| 2003. 


| service, 


| Power 


Business Drivers for IT Investments 


Asked to rate the importance of key goals that influence IT 
spending decisions, utility IT executives responded as follows: 


Goal | 
Reliable infrastructure 


Protection of critical | 
business information assets | 


Operation and maintenance reduction 


Platform for revenue growth 


Platform for application growth 


Average Response 


Support for 24/7 global operation AE 3.35 


Platform for collaboration pe 3.27 


2 3 4 


Not key 


Base: 34 senior-level IT decision-makers at worldwide utility companies 


NFORMATION TECHNOLOGY SPENDIN 


META GROUP IN TAMFORD, CONN 


Walker, an analyst at Forrester | 


Research Inc. in Cambridge, 


Mass. The uncertainty also un- | 


derscores why “a lot of money 
is being spent to improve 


“My IT management 
team has been focused on ap- 


| plying technology across the 
| company to improve customer 
operational | 


increase 
efficiencies, improve reliability 


| and safety, and to harden both 
our physical and cybersecuri- 
| ty,” said Bryan Kearney, CIO at 


IdaCorp Inc. and The Idaho 
Co., both in Boise. 


| “Those are the basics.” 


“It’s a very basic approach 


| we're taking — focusing on im- 


proving customer service, opti- 


mizing our outage management | 


capabilities and improving our 


work management systems, 


and making sure all of those | 
systems are effectively tied to- | 


gether through a messaging in- 
frastructure,” said Gene Zimon, 


| senior vice president and CIO 


at NStar Corp., an energy deliv- 


| ery firm in Boston. By integrat- 


ing these efforts with a focus 
on data integrity and data 
cleanup, “we're making sure all 





3 IN THE ENERGY 


of the core systems work and 
support the business and are 
fully integrated,” Zimon added. 

Pacific Gas & Electric Co. is 
focusing on several “megaproj- 
ects,” said Roger Gray, vice 
president and CIO at the San 
Francisco-based utility. That 
includes plans for a December 
rollout of a highly customized 
customer information system 
from Morristown, N.J.-based 
SPL WorldGroup Inc. that ad- 
dresses California deregulation 
requirements, Gray said. 

PG&E is installing new en- 
terprise application integra- 
tion systems this month and 
overhauling its primary call 
center system by year’s end. It 
also plans to replace all of its 
major applications except its 


| human resources system by 


December, said Gray. That’s no 
small feat, considering the util- 
ity has held its IT budget in 
check the past few years while 
committing 75% to 80% of its IT 
spending to maintain and sup- 
port its existing infrastructure. 

“You just can’t shut down 


the business,” he said. “That's a 


huge driver.” D 


For more stories about IT spending, head to 

our IT Management Knowledge Center. 
QuickLink: a2120 
www.computerworld.com 
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NEWS — 


PeopleSoft Focusing 
On Integrating Apps 


AppConnect suite combines three products 


BY MARC L. SONGINI 


NEW ORLEANS 
EOPLESOFT INC. last 
week fleshed out the 
details of a plan to 
make multivendor 
application integra- 
tion one of its major technol- 
ogy focus areas. 
At its Connect 2002 Americ- 
user conference here, 
Pleasanton, Calif.-based Peo- 
pleSoft pushed the importance 
of real-time application and 
business process connectivity 
throughout a company. As ex- 
pected [QuickLink: 32364], the 
strategy the 
nouncement of a new product 
suite called AppConnect that’s 
aimed at helping users more 
tightly integrate data from dif- 
ferent applications. 
Focusing on integration isn’t 


as 


included an- 


a new concept for vendors of 


enterprise resource planning 
and other business 
applications. “Everybody is 


software 


HOMELAND SECURITY 


PeopleSoft has announced two software 
products aimed at homeland security uses 


QuickLink: 32502 
www.computerworld.com 


talking about it,” said Bruce 
Richardson, an analyst at AMR 
Research Inc. in Boston. With 


| new software sales slowing, 
| the logical step for companies 


such as PeopleSoft is to admit 
that “no one vendor can do it 


| all” and offer to help users tie 


| together applications, he said. 


Peter Gassner, vice presi- 


| dent and general manager of 


PeopleSoft’s technology group, 


| said the company hopes to 


‘SAP Expands 


| Features include 


role-based views 


BY MARC L. SONGINI 


SAP AG is rolling out a set of | 


role-based applications that it 


| claims will help simplify col- 


laborative processes within 


| companies by making it easier 


for end users to access data re- 
lated to their specific jobs. 

The vendor last week an- 
nounced its Employee Produc- 


Palm, BEA Team Up to Offer 
Developers Mobile Tool Kits 


| ilar deal with IBM to develop a 


BY BOB BREWIN 
Palm Inc. continued its assault 
on the enterprise market last 
week by announcing a strate- 
gic partnership with BEA Sys- 
tems Inc. that wiil provide de- 
velopers with tools designed to 
make it easier to build mobile 
applications with BEA enter- 
prise development software. 
Last month, Santa Clara, 
Calif.-based Palm signed a sim- 


| 
| 
| 
| 
| 


tool kit that works with IBM’s 
WebSphere Everyplace Access 
middleware to produce mobile 


| applications [QuickLink: 31606]. 


Palm’s tools will let develop- 
ers more easily build mobile 
applications within BEA Web- 
Logic Server 7 and BEA Web- 
Logic Workshop “without any 
knowledge of the Palm OS,” 
said Judy Kirkpatrick, vice 


| 








capitalize on the complexities 
of multivendor integration proj- 
ects. “Application integration as 
it is done today is a mess, and 
people have gotten used to liv- 
ing ina mess,” he said. 

Gassner said AppConnect 
should simplify the process by 
combining three products — a 
user portal, an integration bro- 
ker and a data warehouse — 
into one offering that supports 
Web services technology and 
works with application servers 
from IBM and BEA Systems Inc. 

David van Volkenburg, man- 
ager of IT applications at 


PepsiAmericas Inc. in Rolling 
| Meadows, IIl., said he has yet 
to fully research AppConnect. 
| But the suite caught his eye. 
“We do a_ tremendous 
| amount of integration within 
| our systems, so this product is 
| very appealing,” van Volken- 
| burg said. He noted that Pepsi- 
| Americas maintains more than 
70 application-to-application 
interfaces. An application like 
| AppConnect might simplify 
integration, he said. 
Jim Prevo, CIO at Green 
| Mountain Coffee Roasters Inc. 


| in Waterbury, Vt., has yet to 
| make up his mind about App- 


Connect or PeopleSoft’s con- 
nected enterprise strategy. 
“My intuition is that tech- 


| nologies that allow businesses 
to collaborate in a secure and 


private manner on a timely ba- 
| sis are a good thing,” Prevo 


orker Self-Service Software 


tivity Suite (EPS), which inte- 
grates self-service and produc- 
tivity enhancement tools for 


| managers and employees to 
} use throughout a 


company. 
SAP said EPS users with a 
browser can view data from 
different applications in order 
to better synchronize their 
work activities with business 


goals and speed up decision- 


making. 
The software links to other 


| SAP products, such as its hu- 
| man 


resources and finance 


president of strategic alliances 
at Palm Solutions Group. 

The tool kits will function as 
server-side controls acting as 
bridges between the BEA envi- 
ronment and the Palm OS. 


| They will include the Palm Re- 


liable Transport architecture, 
which connected 
(synchronous) and unconnect- 
ed (asynchronous) devices that 
are synchronized with a data- 
base via a dial-up connection. 

The tools will be added to 
San Jose-based BEA’s software 
at no additional cost to the 
user, Officials said. 

Bernie Schroeder, chief mar- 
keting officer at Stellcom Inc., 


supports 


modules, and it extracts and 
| consolidates data for different 
employees. For instance, an ex- 
| ecutive can get a high-level 
| view of business operations, 

while cther workers can use 
| EPS for tasks such as checking 
| service orders, reviewing 
| shipments or organizing work 
| schedules. 
| SAP already offers self-ser- 
vice tools for employees as 
well managers 
through its human resources 
and financial applications. But 


as business 


a San Diego-based developer 
that uses BEA software, said 
the tool kit should make it easi- 
er to develop applications for 
| businesses that want to sup- 
| port workers using Palm de- 
vices. Stellcom has had to 
| write custom software to sup- 
port mobile users, he said. 
Craig Mathias, an analyst at 
Farpoint Group in Ashland, 
Mass., characterized the deals 
| as a plus for Palm in its battle 
with Microsoft Corp. and its 
Pocket PC platform. But, he 
| said, Palm faces a struggle. 
“We live in a Windows 
world,” he said. “And the Pocket 
PC looks a lot like Windows.” D 
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~ Howto Use It 


PeopleSoft provided the 
following example of how 
AppConnect could be used: 
1. THE SOFTWARE’S integra- 
tion broker could be set up to ex- 
tract data frorn a CRM system 
based on Siebel applications. 


2. USING STANDARD Wet pro- 
tocols and formats, the data could 
be made available to a customer 
service worker via PeopleSoft’s 
user portal. 


3. SIMULTANEOUSLY, the inte- 
gration broker could access a 
PeopleSoft data warehouse and 
retrieve data about a customer. 


said. But he added that Green 
Mountain Coffee is a People- 
| Soft shop and probably doesn’t 
| need integration tools. D 





| EPS increases the integration 
| and visibility of data, said Sami 
Hero, a vice president of prod- 
| uct marketing at the software 
| 
| 
| 
| 
| 


vendor. 

SAP isn’t the only applica- 
tion vendor offering such em- 
ployee productivity tools, said 
Paul Hamerman, an analyst at 
Giga Information Group Inc. in 

| Cambridge, Mass. Among its 
| rivals are San Francisco-based 
| Plumtree Software Inc., which 
| sells an employee services por- 
tal, and Pleasanton, Calif.-based 
PeopleSoft Inc., which has de- 
veloped portal-based software 
that does things such as mea- 
sure employee productivity. 
Hamerman said SAP’s suite 
appears to go beyond those 
products in its ability to con- 
nect to transaction systems as 
opposed to being solely a hu- 
| man resources tool. However, 
installing EPS would probably 
require “significant process 
| change” at companies, he said. 
A PeopleSoft spokeswoman 
| said all of the company’s appli- 
cations are integrated within 
its portal software, enabling 
the portal to deliver data from 
any application to end users. D 
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Microsoft Releases 
289 Windows APIs 


Hewing to a promise made early 
last month [QuickLink: 32032], 
Microsoft Corp. made 289 of its ap- 
plication programming interfaces 
(API) available for download from 
its Web site for use by software de- 
velopers. Microsoft said the release 
of the APIs puts it in “complete 
compliance” with the proposed an- 
titrust settlement deal with the U.S. 
Department of Justice. 


Nortel Cuts Outlook, 
Plans More Layoffs 


Nortel Networks Corp. cut its rev- 
enue forecast for the third quarter 
and said it plans to lay off another 
7,000 workers by year’s end, low- 
ering the Brampton, Ontario-based 
company’s workforce to about 
35,000 employees. Nortel said 
third-quarter revenue will now likely | 
be down as much as 10% from the 
$2.77 billion (U.S.) it reported for 
this year’s second quarter. 


| tend its blade product line in 


NEWS © 
HP. Dell Bolster Blade 
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Server Product Offerings 


| Dual-Pentium HP systems geared toward 
| Web hosting, streaming media applications 


| BY BOB BREWIN 


EWLETT-PACKARD | 
Co. last week in- | 
troduced dual- | 
Pentium _ blade | 
servers, a move | 


| analysts viewed as a natural | 
| extension of the single-proces- | 
| sor blade servers brought to | 
| tocol firewalls, while the four | 


market by the now HP-owned 


| Compaq Computer Corp. in | 
January. 


Sally Stevens, director of | 
marketing at HP’s density opti- | 
mized server division, said the | 
company plans to further ex- | 


the first quarter with a four- | 
processor blade server. Blade | 


| servers are complete servers 
| on a tightly packed board that | 


can squeeze more processing | 


| power into a standard server 


GM Installs High-End 
IBM Unix Servers 


IBM said General Motors Corp. has 
bought 23 of its p690 Series high- 
end Unix servers for use in vehicle 
design and crash-test analysis ap- 
plications. Ten of the 32-processor 
servers have been combined to form | 
a supercomputer that’s being used 

at GM's facilities in Detroit, while 

the other systems were installed at 
sites in Germany and Sweden. 


Short Takes 


Markham, Ontario-based business 
applications vendor GEAC COM- 
PUTER CORP. agreed to buy Exten- | 
sity Inc., an Emeryville, Calif.-based | 
developer of procurement andex- | 
pense management software. . . . | 
The U.S. Securities and Exchange 
Commission approved NASDAQ 
STOCK MARKET INC.’s new $107 
million SuperMontage front-end | 
trading system. 


| Continued from page I 


‘HP Loss 


| for the company’s server and | 


| rack 
rack-mounted servers can. 


than  older-generation 


storage products. 
“HP lost worldwide server | 
market share to rivals in the | 
second quarter of 2002,” he | 
said. “I think even they may 
have been a little surprised at | 


| how fast Alpha server purchas- | 
| es, for instance, declined. 


HP also saw a slowdown in 


which was expected to be the 
area that would benefit most 
from the Compaq merger. In- | 


| stead, revenue declined 19% to | 


$4.8 billion, with commercial 
PC sales dropping 15%. 
Benefiting from this slow- | 
down have been rivals IBM | 
and Sun Microsystems Inc. on | 
the Unix server side and Dell | 


| delivery 
| its personal systems business, | 


Stevens said the new dual- 
processor blade servers are de- 


| 
| 
| 
| 
| 
| 


signed to support applications | 


such Web hosting 
streaming media. HP’s single- 
processor servers support se- 


as 


and | 


curity applications such as Do- | 


main Name System and Dy- 
namic Host Configuration Pro- 


blade servers will be able to 


handle back-end databases. 
Philip Papadopolous, pro- 
gram director for grid and 


' ¥ C ~ 
henna Sees 


ProLiant BL2Op 
Two-Processor 
Blade Server: 


up to 4GB synchronous 
dynamic RAM and up to 144GB of 
internal disk storage 


software that provides 
for automated configuration and 
provisioning of systems 


ting at $2,539 
a four-processor blade 
due to ship in first quarter of 2003 


in the center’s clusters. He not- 


| ed that since each blade plugs 


cluster computers at the San | 
Diego Supercomputer Center, | 


large computer cluster. “They 

integrated very cleanly, and we 

had no issues,” he said. 
Papadopolous said he 


| said he tested HP blades in a | 


lieves that blade servers can | 


help reduce cabling costs com- 
pared with the standard rack- 
mounted computers now used 


One example is a recent or- 
der for 20 Dell PC servers by 
Virchow, Krause & Co. The 
815-employee Madison, Wis.- 
based auditing firm previously 
used Compaq servers. 


| Computer Corp. in the Intel | 
| server market, analysts said. 


“Dell was extremely aggres- | 


sive in trying to lure us away 
from Compaq,” 
Smith, the firm’s technology 
director. Dell offered not only 


said 


Allen | 


into a backplane with its own 
power supply and network con- 
nection, the devices can dra- 
matically reduce the amount of 
cables required in a rack to just 


| one power cable and a network 
| cable for a chassis that can hold 
be- | 


multiple blade servers. 

Gordon Haff, an analyst at 
Illuminata Inc. in 
N.H., said HP’s new 


an analyst at US. 
lis. Revenue in this segment 
rose by about 10% to $4.7 bil- 
lion. But that alone isn’t going 
to be sufficient to sustain long- 
term growth, Kumar warned. 
“They clearly need to accel- 
erate their cost-cutting, given 
their lack of top-line growth 
for the foreseeable future,” he 


said. 


better prices, but also a faster | 


schedule for the 
servers, he said. 

Even IT services, which HP 
had predicted would remain 
largely unaffected by the merg- 
er, saw a decline of 7% 
enue compared with levels in 
the same quarter a year ago. 

In fact, the only real bright 
spot for HP continues to be its 
print and imaging systems 
business, said Ashok Kumar, 


| cult for the company at a time | 
when IBM and Sun are looking | 


HP’s heavy emphasis on 
hardware sales is also going to 
make things particularly diffi- 


| to software and services to pull 


/% in rev- | 


in profits, said Laurie McCabe, | 


an analyst at Summit Strategies 


| Inc. in Boston. 


HP has said that it hopes to 
use its OpenView software to 
drive new sales. But the com- 
pany’s recent decision to pull 
out of the middleware market 


Nashua, | 
dual- 
processor servers represent an | 


Bancorp | 
| Piper Jaffray Inc. in Minneapo- | 


| evolution of the company’s 
blade server product line, 
adding that “in many respects, 
blades are an evolution of rack- 
mounted servers.” 

Just a week earlier, Dell 
Computer Corp. said it plans to 
field a line of modular blade 
servers next year that will al- 
low customers to mix and 
match processors, memory 

and I/O devices. Darrell Ward, 
| senior marketing manager for 
blade products at Dell, said 
this approach will reduce ca- 
bling and operational costs 
while providing customers with 
greater flexibility. 

Stevens pointed out that HP 
is already shipping blade serv- 
ers in considerable volume 
3,000 units in the first quarter 
of this year. 

Even as Dell hypes its modu- 
lar blade plans, Haff said he 
doesn’t see that approach pro- 
viding the company with any 
competitive advantage in a 
market that “all the major ven- 
dors plan to compete in.” D 





{QuickLink: 31393] leaves it out 
of a booming and potentially 
lucrative business, McCabe 
| said.D 
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INTEGRATED key financial IT 
systems; on track to meet $45 
million goal in IT-related savings 
by end of fiscal year. 











s Relocate 


Be a 





It's what you want when you're integrating a global network. And it’s what you get with 
ProLiant server technologies from HP, powered by Intel” Pentium® Ill and Intel Xeon™ 
processors. ProLiant servers featuring advanced Lights-Out management solutions give 
you outstanding virtual presence and control capabilities, making it easier than ever to 
manage your distributed server environment. From practically anywhere. At any time 
Which means you can fix problems right away, without traveling to the actual site 
Which in turn, reduces expenses and increases productivity. End result? More control 


over your office, your expenses, and your life 


HP can help you plan, implement, and manage your infrastructure with scalable service 


and support solutions for every product, and every business 


Visit hp.com/go/proliant33 or call 1.800.282.6672, option 5, and 
mention code TZY for a white paper on adaptive infrastructure and a 
free trial of HP ProLiant Essentials software! 
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Management Pack and Rapid Deployment Pack only. For U.S. customers only. 200041T2/09/02 











NEWS 


Symbol Shoots for 
Lower-Cost WLANs 


Switch-based architecture set to debut 


BY BOB BREWIN 


YMBOL Technologies | 
Inc. next week plans | 
| Group Inc. in Stamford, Conn., 


to introduce what it 
claims is a radical 
change in the archi- 


LANs 


tecture of 
(WLAN). 
Analysts agreed with the 
company’s assessment that it 
has skipped past rival vendors 


wireless 


in key features while dramati- 


cally lowering the cost of wire- 
less networks. Symbol’s strate- 
gy is to place all the intelli- 
gence, including security and 
management, on a_ central 
switch and turn wireless LAN 


access points into simple ac- | 


cess ports with only a radio 
and an antenna. 

Gary Singh, senior vice pres- 
ident of Holtsville, N-Y.-based 
Symbol, said the company’s 
new Mobius WLAN architec- 
ture will be easier to install and 
manage and cheaper than com- 
peting products, since the ac- 
cess ports cost $279 vs. just un- 
der $1,000 for an enterprise- 
level access point. 

He said the cost of a Mobius 
WLAN system, which Symbol 
plans to introduce at the Net- 
world+Interop conference in 
Atlanta, about 


should cost 


$10,000 less than a system the | 


same size that uses traditional 
access points. 


Nothing New? 


While Singh touted Mobius | 
as a “total revamp” of existing | 


WLAN architectures, Lynn Lu- 
cas, marketing director at Sun- 


nyvale, Calif.-based Proxim Inc., | 


said it sounds much like the 


Harmony WLAN product line | 


her company introduced in 


1999. Lucas said Harmony uses | 
a distributed architecture, with | 
management of access points | 


and security provided by a 
central controller. ReefEdge 
Inc. in Fort Lee, N,J., also uses 
the controller approach. 

But analysts said Symbol’s 


| chairman of 
Critical Infrastructure Protec- 


Mobius architecture has leap- 
frogged the competition. Chris 
Kozup, an analyst at Meta 


said Mobius “is more feature- 
rich than Harmony. Symbol 
has a more tightly integrated 


| solution.” Plus, he noted, Sym- 
| bol has a cost advantage with 


its access ports. 


Continued from page I 


Cybersecurity 


the 


tion Board and the principal 
force behind the strategy. 
Olson said the published re- 


port is necessarily inaccurate | 
because the plan hasn’t even | 


been finished. 

“There were initial 
drafts, and many organizations 
provided input,” she said. “But 
we've just started to finalize it 
this week.” 

The concept of developing a 
federal NOC is definitely in 


many 


the strategy, but not with the | 
| aim of gathering e-mail data or | 
| expanding 
veillance, Olson said. Rather, | 
would be | 


government 


the federal NOC 
modeled after the 
Md.-based SANS _Institute’s 
Incidents.org Web and 
Internet Storm Center, a virtu- 


Bethesda, 


site 


al organization of advanced | 


intrusion-detection 
forensics experts and incident 
handlers from across the globe. 

Howard Schmidt, co-chair- 
man of the Critical Infrastruc- 
ture Protection Board, told 
Computerworld last week that 


analysts, 


the plan is to simply ask for 


greater voluntary data sharing 
on matters such as viruses and 
worms. He also stressed that 
establishing a central 
isn’t part of a plan to increase 
the government’s surveillance 
of private data. 


President’s | 





sur- | 


NOC | 





Kozup said Mobius will give 
p g 


| Symbol leverage to shift its | 
| WLAN 


focus from vertical 
markets — such 
systems to support bar-code 
scanning applications at Unit- 


ed Parcel Service Inc. and 


FedEx Corp. — to enterprise- | 


wide markets. He said Symbol, 
which hasn’t yet landed a beta 


| customer, could “give Cisco a 


run for its money.” 


Ken Dulaney, an analyst at 


Schmidt said the need for | 


a central government NOC 
stems from the lack of a single 


| collection point where govern- 


ment security can be analyzed. 
This central NOC would col- 
lect data from other govern- 
ment NOCs, such as the FBI’s 
National Infrastructure Pro- 
tection Center and the Penta- 
gon’s Joint Task Force for Com- 
puter Network Defense. 

These NOCs, in turn, would 
function in a fashion similar 
to the private sector’s Infor- 


Plan Preview 


The forthcoming National 
Plan for Protecting Cyber- 
space will focus on the 
following: 


@ Home and small-business users 


= Outreach efforts targeting com- 
panies in critical economic sec- 
tors, as well as state and local 
governments 

® Higher-education programs de- 
signed to expand the pool of “IT 
workers with a security discipline” 
and to encourage universities to 
conduct needed research and 
development 

® Balancing the need for greater 
security with the need to protect 
privacy and civil liberties 

® Working with other countries 
to better understand critical infra- 
structure interdependencies 
SOURCE: HOWARD SCHMIDT, CO-CHAIR 
MAN, PRESIDENT'S CRITICAL INFRA 


STRUCTURE PROTECTION BOARD, COM 
PUTERWORLD INTERVIEW, JULY 16 


suggesting 
as wireless | 


| Gartner Inc. in Stamford, said 


Mobius represents a signifi- 


| cant change to WLAN archi- 
tecture that will “embarrass” 
| Cisco Systems Inc. But in order | 
| to compete with Cisco in the 
| enterprise 
| Symbol will need to find a 


WLAN market, 
strong partner, Dulaney added, 
Dell Computer 
Corp. as a good candidate. 

A Cisco spokeswoman said 
it is company policy “not to 
comment on competitor an- 
nouncements.” 

While Kozup called Mobius 


| “impressive,” he said the real 


test will come with deploy- 
ment. “I’m skeptical of vendor- 


speak,” he said. D 


mation Sharing and Analysis 
Centers (ISAC) — 
formed within vertical indus- 


| tries to improve information 
| sharing about security vulner- 


abilities and threats. 
The SANS Storm 


and visualization techniques to 
analyze data collected from 
more than 3,000 firewalls and 
intrusion-detection systems in 
more than 60 countries. “We're 
hoping the [ISACs] one day es- 
tablish their own independent 
Storm Center network,” said 
Alan Paller, director of the 
SANS Institute. 

And that may be much easi- 
er to do now that Redwood 
City, Calif.-based Check Point 
Software Technologies Ltd., 
which operates more than 63% 
of all firewalls worldwide, is 
adding a Storm Center client in 


every one of its 260,000 gate- | 
| Schmidt. 


ways, said Paller. “That means 
anyone who wants to set up a 
Storm Center network can just 
tell their members to turn on 
the client and point it to their 
network node,” he said. 


A Work in Progress 


Although “sworn to secre- 


cy” about the specific contents 
| of the administration’s plan, 


Harris Miller, president of the 
Arlington, Va.-based Informa- 
tion Technology Association 


| of America, said last week that 


the plan remained “in a state of 
flux” and that any information 
made public to date “may or 


| may not still be in the doc- 


alliances | 
| also plans to release a revision 
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AT A GLANCE 


Mobius WLAN 
Architecture 


® Puts intelligence on a central 
switch and replaces $1,000 access 
points with $279 dumb access ports 


® Switch costs run from $2,895 
for a six-port switch to $5,367 for a 
24-port device 


= Switches can support multiple 
levels of security (WEP, Kerberos, 
802.11i and AES) on different devices 
all accessing the same port 


= Switches can support multiple 
802.11 protocols on same network 


® Switches can support multiple 
virtual LANs 


when it is released.” 
Bush administration 


ument 
The 


of the forthcoming plan as ear- 
ly as January, Schmidt said 


| during a recent press briefing 
Center | 
uses advanced data correlation | 


at the White House. The revi- 
will include details on 
“definitive programs,” he said. 
In addition, plans call for an- 
other seven town hall meetings 
to be held around the country 


sion 


| after the Sept. 18 release, to 


gather more feedback from 
both the private sector and the 


| general public, he said. 


Officials underscored the 
voluntary nature of the public 
private partnership, noting 
that the White House isn’t 
legally capable of forcing any 
sort of data-sharing agree- 
ments on the private sector. 
What the government can and 
plans to do, however, is “create 
government as a model,” said 


In an interview with Com- 


| puterworld last month, Clarke 


said the plan may include a 
governmentwide policy that 
requires all IT purchases to be 
independently certified for 
security prior to approval. 
Such a policy, which is cur- 
rently in effect at the Defense 
Department, was being “looked 


| at carefully,” but at that point 
| no decision had been made, 


he said. D 


UNCLE SAM WANTS YOU 


Patricia Keefe asks, What can IT do for 
National security without compromising 
corporate confidentiality? PAGE 20 
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THE STRAIGHT GOODS ON SOFTWARE INTEGRATION. }———————— 


TradeForce™ Suite by 
Financial Fusion, a 
subsidiary of Sybase, 
offers the most complete 
a 2 solution to meet the 


new Straight Through 

Processing (STP) 

requirements facing 

the trading industry. It 

makes the very difficult 
: task of STP simpler. 


This is just one of the 
software integration 
solutions available 


today from Sybase. 

Leveraging our expertise 

in database technology 
g and powerful new 


integration tools, Sybase 
can help integrate all 
the data and business 


MOBI IMOh Rae 


So you can extract the 
maximum value from 
not only your current 
infrastructure, but also 
from all the information 
that resides within it. 


Visit www.sybase.com/ 
integrationsolutions. And 
discover the possibilities. 


The Software a aoe 
Integration Company. a SYBASE 
We can help you integrate Information Anywhere 
all the data and business 
applications in your 
enterprise and extend 
them to any location in 
the world. So you can 
improve efficiency while 
preserving your existing 
infrastructure investments. 


SYBASE e-BUSINESS SOFTWARE. 
EVERYTHING WORKS BETTER WHEN EVERYTHING WORKS TOGETHER* 


2002 Sybase, Inc. and Financial! Fusion, Inc. All rights reserved. All trademarks are the property of their respective owners. 
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e Next Wave in IT Spending 
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Explore the realm of the Internet 
infrastructure hardware ecosystem. 


The demand for newer, better, faster, and more flexible solutions 
that tie in servers with software, storage, and services delivered 
through a unique channel is becoming a reality. As a result, IT 
server vendors are promising a service-centric systems infrastructure. 
At this year’s IDC Enterprise ServerVision, join IDC analysts and 
industry leaders.as they explore this new era of computing. Find out 
which companies will benefit by leading this revolution and which 
will jprofit by waiting for their own opportunity to play a major role. 
Will you be on that list? Do you have what it takes? 


Take this opportunity to interact with the players in the server 
industry and: 


¢ Find out who in the hardware industry has the right 
solution stack to deliver on this promise 


e Examine the software industry's approach to adaptive 
systems ee 


¢ Prepare your server platform to meet the emerging crite- 
ria for support of Web services 


© Explore the challenges that systems management and 
provisioning startup vendors face 


© Discover the profit pools in a service-centric computing 
value chain 


© Learn to build a commercial see ae utility platform 
from the technical grid computing world 


.. and much more 


IDC Enterprise 
ServerVision 2002 


Service-Centric Computing: 
Catch the Next Wave in IT Spending 


September 26, 2002 
The Westin, San Francisco Airport 


Register Online 
www.idc.com/esv02 


or Call 
800-605-5849 (978-597-0133 outside the United States) 


=IDC 
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Unisys Offers 


BY LUCAS MEARIAN 

Joining the move toward stor- 
age virtualization, Unisys Corp. 
last week announced a hard- 
ware appliance that pools data 
from different disk arrays in- 
stalled on a storage-area net- 
work (SAN) and lets the infor- 
mation be managed as if it were 
coming from a single source. 

Unisys’ Storage Sentinel is a 
RAID controller packaged in a 
refrigerator-size cabinet with 
2TB of internal disk storage. 
The system can be used to cen- 
tralize storage management 
procedures on a SAN, and in- 
cludes data snapshot, striping 
and mirroring capabilities that 
work across storage devices 
made by different vendors, ac- 
cording to Unisys. 

The Blue Bell, Pa.-based ven- 
dor said a standard configura- 
tion of Storage Sentinel costs 
$200,000. The appliance itself 
accounts for about 75% of the 
cost, and the price also in- 
cludes a set of consulting and 
implementation services. 

“The professional services 
were important to prove out 
why we're in this space,” said 
Jim Thompson, director of the 
Eastern Development Labora- 
tory at Unisys. The services 
include SAN design, project 
management, and network and 
system implementation. 


Complicated, But Better 


Bob Passmore, an analyst at 
Gartner Inc. in Stamford, Conn., 
said start-up vendors such as 
DataCore Software Corp. in 
Fort Lauderdale, Fla., Falcon- 
Stor Software Inc. in Melville, 
NY., and StorageApps Inc. in 
Bridgewater, NJ., are using mid- 
dleware to offer storage virtual- 
ization capabilities on SANs. 


But Passmore added that the | 


approach taken by Unisys dif- 
fers in that Storage Sentinel is 


set up outside of a SAN’s main | 


data path, enabling storage 
managers to take snapshots of 
data for backup purposes with- 
out having to shut down any 
servers. In the long term, that 
“is a better architecture, if per- 
haps a more complicated ar- 
chitecture,” Passmore said. 
Storage Sentinel is due to be 





released this week and will ini- 
tially support Unisys’ ES7000 
and ClearPath Plus servers, as 
well as other systems running 


NEWS 


Device to Pool Data on SANs 


Windows NT 4.0, Windows 
2000, Linux and Sun Solaris. 
The device includes a pair 
of redundant Fibre Channel 


switches made by San Jose- 


ased Brocade Communica- 


tions Systems Inc., as well as a 

built-in Ethernet switch. 
Storage Sentinel complies 

with the Mountain View, Calif.- 


based Storage Networking In- 


dustry Association’s Common 
Information Model, which 
specifies a consistent way of 
mapping the devices on a SAN. 
Tape storage virtualization ca- 
pabilities are due to be added 
next year, Unisys said. D 





Complete SAN LAN performance tools. 


Finisar has been offering its customers the tools necessary to increase efficient 
network operation for over 14 years. Finisar’s family of network analysis and 
performance testing products ensure optimum performance through constant 
monitoring, measuring and analysis; locating and repairing problems before 
they cause an impact. 


Listening to customer needs, we develop products that are flexible and scalable 
to grow and evolve with today’s SAN and LAN environments. No other company 
offers products as easy-to-use and easy-to-implement. 


Take a test drive. 


Remove the gridlock from your network. Test drive Finisar Performance Tools at 


www. finisar.com/testdrive 
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PATRICIA KEEFE 


Uncle Sam Wants You 


EARLY ONE YEAR after the Sept. ll 
attacks, we’re still grappling with the 
issue of cybersecurity. What to do 
about it. What to look for. What to 
track. How to analyze the data. 


The government is on 
the verge of releasing a re- 
port, due Sept. 18, that ad- 
dresses those questions on 
a grand scale. It will con- 
tain many mandates for 
federal agencies and CIOs. 
But it will also attempt to 
position the private sector 
as an important contribu- 
tor to this plan. 

We've already seen a 
Republican administra- 
tion lay down regulations 
in response to corporate scandals. 
Last week, the SEC adopted rules 
regulating how quickly executives 
must disclose key company infor- 
mation, report their own stock 
trades and certify corporate finan- 
cial reports. The resounding themes 
here are disclosure and assigning 
responsibility. 

In a similar vein, some in Congress 
argue that the government should 
use the SEC to force companies to 
come to the table on security. This 
could take the form of forcing busi- 
nesses to include security certifica- 
tions in their annual statements or as 
a requirement to be listed on the 
stock exchange. However, no legisla- 
tion has been proposed. 

While the president’s senior advis- 
er on cybersecurity, Richard Clarke, 
has repeatedly stated that there will 
be no new regulations attached to 
the draft National Strategy to Secure 
Cyberspace, it is clear he does want 
the private sector to help batten 
down the security hatches. To get 
that cooperation, the Bush adminis- 
tration is considering Freedom of In- 
formation Act exemptions for com- 
panies that report security breaches. 

Clarke’s office denied a published 
report last week that businesses will 


be asked to disclose, among other in- | 


a 
PATRICIA KEEFE is editorial 
director at Computer- 
world. You can contact 
her at patricia keefe@ 
computerworid.com. 





y formation, the identity of 
their IT security audit 
companies and the steps 
taken to secure their en- 
terprises. That’s good, 
because it’s foolish to re- 
quire companies to re- 
veal specifics about their 
security practices and 
procedures. That infor- 
mation should be kept 
confidential, especially 
given that there are no 
guarantees that federal 
databases (and laptops!) are secure. 

However, the plan does offer some 
recommendations worthy of explo- 
ration by IT. For example, private- 
sector IT should adopt minimum 
standards for ensuring product secu- 
rity and agree to purchase only “cer- 
tified” products. 

It makes sense for the government 
to centralize the gathering of infor- 
mation on cybercrime. Corporations 
should be willing to contribute to 
that data flow. In fact, IT depart- 








ments should implement a similar 
approach. 

But just collecting data isn’t 
enough. “You have to know what’s a 
real attack or you can become your 
own worst enemy. By not having the 
correct analysis, you might turn off 
or block legitimate traffic and kill 
your own business process — all be- 
cause you thought you were under 
attack. Most companies don’t have a 
solid policy for that sort of thing,” 
Computerworld security reporter 
and author Dan Verton told me. 

Since Sept. ll, there have been 
some powerful IT stories, especially 
from the financial sector — stories 
of recovery and planning for future 
attacks. But those actions haven’t 
been widespread. Many corporations 
remain reluctant to spend money on 
security and still don’t have compre- 
hensive security policies and proce- 
dures in place. 

The Bush administration is hoping 
to change that. Clarke is trying to 
nudge private-sector IT into a part- 
nership with government to help 
fight a cyberwar. This is where you 
have to decide what you can do for 
your country without compromising 
the confidentiality and needs of your 
company. How will corporate IT an- 
swer the call? D 


" We WERE BoINO 7p TEACH THE ENTIRE (T DEPARTMENT To 
SPEAK IN UNDERSTANDABLE TERMS , BUT We DECIDED IT 
WOULD BE CHEAPER TO HIRE AN INTERPRETER INSTEAD. “ 
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PIMM FOX 
Drivers Steer 


Success of IT 
Dashboards 


GILENT Technologies’ 

recent ERP woes aren’t 

a result of failed IT, 
but, like similar ERP mishaps, 


they indicate problems related 
to the initial planning and design of a 
complex system. Primarily, business 
managers sometimes forget that cool- 
looking executive dashboards bursting 
with data are no substitute for manag- 
ing fundamental company processes. 
Last month, when the maker of semi- 
conductor and communications test 
equipment said 
it lost money 
during the quar- 
ter largely be- 
cause of prob- 
lems with its 
ERP system 
{QuickLink: 
32361], it was 
hardly a surprise 
to learn it wasn’t 
all the fault of 
the vendor, Ora- 
cle. Last year, Nike tried to blame i2 


PIMM FOX is a freelance 
writer in San Francisco. 
Contact him at 
pimmfox@pacbell.net. 


| Technologies for glitches in its $400 


million supply chain management sys- 
tem that caused the shoemaker to miss 
profit estimates. But a deeper look re- 
vealed a set of customization and back- 
end integration problems. In 1999, Her- 
shey Foods had a similar fiasco when it 
rushed to implement SAP’s R/3 system. 

These snafus reveal more than just 
the complexity of trying to connect 
ERP systems to legacy applications 
across a wide range of financial activi- 
ties; they demonstrate how dependent 
senior business managers have be- 
come on IT systems to force-feed their 
view of a company’s financial health. 

This is worrisome, given that these 
technologies must be customized and 
re-engineered to accommodate specif- 
ic corporate processes while being 
tested and refined. IT is a tool for busi- 
nesses to be more efficient and com- 
petitive; it shouldn’t be viewed as a 
panacea to protect companies from 
poor business judgment. 

As IT departments assume the core 


| For more columnists and links to archives of previous 
| columns, go to 


@ computerworld.com/columns 
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responsibility for organizing financial 
and operational information, inevitably 
they will bear the brunt when bottle- 
necks and breakdowns occur. 

But is a better, more IT-centric exec- 
utive dashboard bubbling over with in- 
formation a substitute for knowing 
how to actually do business correctly? 

The example held up by dashboard 
advocates is Wal-Mart. At the end of 
each business day, Wal-Mart managers 
can electronically access reports to dis- 
cover best-selling products, learn about 
inventory levels and measure returns. 
This is powerful information, but re- 
tailers are experienced at gathering this 
type of data: IT simply enhanced a pre- 
vailing concept already done well. 

Business leaders should make busi- 
ness decisions based on experience and 
understanding of the marketplace and 
let IT craft intelligent, efficient and 
cost-effective ways to implement those 
decisions — not the other way around. 

Relying too heavily on the executive 
dashboard without knowing the right 
way to steer the business is like driving 
while staring in the rear-view mirror: 
It looks like it makes sense, but a crash 
is unavoidable. D 


DAVID FOOTE 
Info Security 
Job Boom 
Inevitable 


ISTORY IS RICH with 

examples of bright 

minds missing impor- 
tant trends that, in retrospect, 


appear almost ridiculously ob- 
vious. Bill Gates, for one, misjudged the 
Internet’s impact so badly in the first 
edition of his book The Road Ahead in 
1995 that subsequent editions required 
substantial face-saving rewrites. 

So it’s not necessarily surprising that 
more IT workers don’t see the Next Big 
Thing in IT careers — information se- 
curity. But I think I know what’s behind 
the myopia and what’s driving the enor- 
mous upside potential for security jobs. 

Information security is struggling 
through a major transition, expanding 
its focus to include protecting the vir- 
tual as well as the physical perimeter. 
And it’s tough to sell insurance against 
security-related catastrophes to 
stressed-out business executives fixat- 
ed on earnings, market share and cus- 
tomer satisfaction. 





NE 


Security execs frequently 
complain about lack of sup- 
port for new security initia- 
tives and the limited author- 
ity to get things done. Add 
to this the new demands to 
prove the effectiveness of 
security programs. Then 
there’s the friction between 
the security staff, the CIO 
and development teams. 
The truth is, information se- 
curity has long been man- 
aged in an ad hoc fashion 
with little done to formalize 
criteria that would make it a 
bona fide profession. 

However, if pay is an indi- 
cator of the future, change is afoot. 
Base pay for corporate IT security jobs 
grew 3.1% in the past 12 months, while 
average IT pay declined nearly 6% 
overall, according to my firm’s most 
recent quarterly compensation survey. 
Bonuses for security professionals 
climbed an average of 9.5%, but bonus 
pay for IT jobs overall dropped a steep 
34%, Premium pay for security certifi- 


DAVID FOOTE is presi- 
dent and chief 
research officer at 
Foote Partners LLC, a 
management consul- 
tancy and IT workforce 
research firm in New 
Canaan, Conn. 
Contact him at dfoote@ 


footepartners.com. 


cations is up a whopping 
23% since the first quarter 


of 2001, even though overall | 
| right combination of skills, knowledge, 
| experience and character, as I have dis- 
| cussed previously [QuickLink: 21597]. 


technical certification 
bonus pay declined 5% in 
that period. We expect se- 
curity pay to continue to 
outperform the market. 
Security budgets have 
been spared the drastic 
cost-cutting plaguing IT. 
That’s because companies 
are spending billions on 
e-business infrastructure 
and development and will 
continue to do so for years. 
Gartner analysts, for exam- 
ple, predict $288 billion in 
online revenues by 2006, up from 


| $72 billion in 2001. 


Protecting corporate networks is a 
top priority today, but it’s easy to imag- 
ine data protection and privacy con- 
cerns also gaining serious attention as 
e-business models mature and security 
breaches multiply in frequency and 
severity. And budgets will certainly im- 
prove if the economy ever does. 
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Beginning in late 2003, employers 
will be much more aggressively re- 
cruiting security professionals with the 


While technical security skills and 


| network expertise will always be in de- 
| mand, a red-hot market will explode 


for managers with a broad view of se- 


| curity and the ability to think strategi- 
| cally, adroitly navigate corporate poli- 
| tics and create systems for entire orga- 


nizations. And soon colleges will con- 
fer information-security degrees that 


| blend information security, communi- 


cations and psychology. 
It’s a great time for all IT profession- 


| als pondering their futures to consider 


the security profession, especially 


| while barriers to entry are low. If 


you're already working in the field, or 
if you’re a downsized security worker 


| with experience and certifications, 


don’t be discouraged — your on-the- 
job experience will place you well 
ahead of the swarm of new entrants 


| soon to gravitate to the field. D 





The Limits of Self-Tuning 


HE ADDITION of self- 

tuning features to 

DB2 Version 8 may 
sound like a godsend to 
some, but I wonder how 
knowledgeable DBAs feel 
about it [QuickLink: 31614]. 
While I have no DB2 experi- 


| an Oracle DBA. Self-tuning 


gives the appearance of 
eliminating a lot of work, but 


| if a DB2 DBA’s day is any- 


| DBA. So, will a self-tuning 


| ence, I do have eight years as | 


database make it possible for 
corporate America to cut 
head count on those expen- 
sive DBAs? Not likely; some- 
one will have to manage 
those self-tuning features. 
Jared Still 

Database administrator 

RadiSys Corp 

Hillsboro, Ore 


| jkstill@cybcon.com 


| Office Fallacies 


thing like mine, very little of | 


it on average is devoted to 


tuning the database. Modern | 


| RDBMSs work pretty well. 

| The self-tuning hype is actu- 
| ally directed at the IT execu- 
| tives DBAs work for. When 

| their applications run poor- 

| ly, they quickly turn on the 


HE PRICING for Star- 
Office is very attrac- 
tive, but not as attrac- 


free OpenOffice from Open- 
Office.org [QuickLink: 


| 31930]. Still, I find the in- 


DBA with a mandate to “fix” | 


| the database, because it isn't 
| “tuned properly.” Research, 
| common sense, experience 


and lots of empirical evi- 


| dence point to the actual 


culprit being a poor under- 
standing of how databases 
work on the part of develop- 
ers. Poorly written applica- 
tions are the bane of the 


compatibilities in both to be 
a showstopper. I gave my 12- 
year-old son an old laptop 

for school projects, and pur- 


| chasing Microsoft Office 


was cost prohibitive. Every- 


| one else is using Office at 


home, though, and he sees 


| some format incompatibili- 
ties. If StarOffice/Open- 


| Office aren’t ready to handle 


a kid’s simple school re- 
ports, they’re definitely not 


ready for the prime time of 
charging money for them. 


| Let’s be honest: If Microsoft 


put out a product of this 
quality, we'd be roasting it 
over the coals in your very 


| pages. Where are the fires 


for Sun and open source to 
get them in lock step with 
what customers need? 
Ernie Oporto 

Systems administrator 

Virage Logic Corp. 


| Clinton, N.J. 
| ernie.oporto@viragelogic.com 


‘Back Doors Already Here 


| tive as that of the completely | 


CITA OPPONENTS re- 

ally should do more 

digging before they 
lament about software back 


doors [QuickLink: 31992]. As 
| a technology security profes- 
| sional, I watch software tools 
| called “heartbeats” tattle on 


users, systems and other de- 
vices. I'm also concerned 
that the evidence I’ve seen in 
my career has shown that the 
public is so woefully unin- 
formed about back doors as 
to be negligent. Each day 
when we remount our 
servers after verification of 


the image, we see hundreds 


| of pings that would most as- 


| suredly give software ven- 
dors an exact copy of every 

| registry of every system at- 
tached to our network. So 
the provisions of UCITA that 
people are having the most 
trouble with are just about in 
place now. The only differ- 
ence is that the software 
companies can’t just shut off 
your software. They can al- 
ready see you, and just about 
everything you do. 
Gregory A. Hensley 
Senior research scientist 

| G.A. Hensley Co 
Columbus, Ohio 
Gregory@gahcoinc.com 


COMPUTERWORLD welcomes 
comments from its readers. Letters 
will be edited for brevity and clarity 
They should be addressed to Jamie 
Eckle, letters editor, Computerworld, 
| PO Box 9171, 500 Old Connecticut 
| Path, Framingham, Mass. 01701 
| Fax: (508) 879-4843. 
E-mail: letters@computerworld.com 
Include an address and phone num- 
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For more current letters on these and 
other topics, go online to 
| @computerworld.com/letters 
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FIELD REPORT 


Software distribution and configu- 
ration management tools can or- 
chestrate initial system imaging, 
automated software deployment 
and even ongoing updates. But they 
must be built on proven policies, 
and talented staffers are needed to 
manage them. PAGE 24 


FAST-TRACK TRAINING 


A learning tool from Boston-based 
OutStart is helping furniture maker 
Steelcase train its workers in SAP. 
PAGE 26 


EMERGING 
TECHNOLOGIES 


New low-power processors will 
dramatically drop the power re- 
quirements of mobile computing 
(below) while boosting overall 
performance. PAGE 30 


Mobile Intel Pentium 4 
10% bi Processor-M 


Mobile Intel 
845 chip set 


B% 48GB hard-disk drive 


7% External graphics 
Clock generator - 4% 


1/0 Controller Hub 3- 
Mobile - 3% 


= _ DvD - 2% 
WLAN - 2% 


HANDS ON 


Flat-panel displays boast bigger 
screens, better quality — and lower 
prices. This roundup ranges from 
Planar’s 23-in. behemoth to an 18- 
in. Sharp model with unsurpassed 
color quality. PAGE 32 








NICHOLAS PETRELEY 


Singularly Vulnerable 


HERE’S AN OLD THREE DOG NIGHT SONG that goes, “One is 
the loneliest number that you'll ever do.” In enterprise com- 
puting, there are times when one is the riskiest number you 
can ever do. The architects of Unix, Java and related systems 
have known that for a long time, which is one reason why 
these systems provide features not in a single program, but rather as sepa- 
rate processes that talk to each other over network protocols. That makes 
these multipronged systems a little more difficult to develop for but far 


more difficult to crack. 

For an example of what happens without those 
complications in the architecture, look to the most 
recent batch of security vulnerabilities in Microsoft 
software that have surfaced over the past weeks. At- 
tackers can use a SQL query to overwrite just about 
any file on your system, thanks to a flaw in the design 
of SQL Server. It also came to light that you can trick 
Windows applications to do just about anything by 
sending standard Win32 API messages to these appli- 
cations (see http:/ecurity.tombom.co.ukhatter. 
html). And you can exploit design flaws in Micro- 
soft’s Office Web Components to gain administrator- 
level access to someone’s computer simply by em- 
bedding an ActiveX control in your Web page. 

This is a never-ending story, folks. It’s almost im- 
possible to enumerate all the reasons why Microsoft 
seems to get security wrong in areas where everyone 
else seems to get it right. The mistake made by Mi- 
crosoft critics is that they focus on the buffer over- 
flows and specific security holes. Microsoft’s design 
flaws go much deeper than that. The problem with 
Microsoft is that it integrates where others isolate. 

For example, SQL Server has this “cool” feature 
that lets you create a Dynamic Link Library (DLL) in 
any language and then use a SQL com- 
mand to load and run that DLL as a stored 
procedure. As it turned out however, 
Microsoft’s own out-of-the-box DLL-based 
stored procedures were vulnerable to 
buffer overflows, which made every instal- 
lation of SQL Server open to attacks con- 
sisting of little more than a cleverly de- 
signed SQL query. Another SQL Server 
vulnerability allowed you to bypass all 
security checks on stored procedures sim- 
ply by calling one stored procedure from 
another. 

In both cases, Microsoft traded the safe- 
ty of isolation for the convenience of inte- 


NICHOLAS PETRELEY is a 
computer consultant and 
author in Hayward, Calif. 

He can be reached at 

nicholas@petreley.com. 


gration. Here’s a better way Microsoft could have 
provided developers with the ability to run DLLs as 
stored procedures: Separate and isolate the process 
by creating a middleware product that runs custom 
DLL stored procedures. When you issue a query, it 
communicates the request to the middleware, which 
loads and runs the DLL with reduced privileges. Bet- 
ter still, run that middleware on another virtual or 
physical machine, which will provide you with even 
more isolation and safety. Finally, force every stored 
procedure to acquire its runtime permissions from 
yet another server process, such as an authentication 
server, and run that on yet another isolated virtual or 
physical machine. 

These suggestions probably sound paranoid to a 
typical Windows developer or user, but this is pre- 
cisely how a lot of Unix-based software is designed to 
work from Square |. Even the graphical user interface 
on a Unix system is broken into two pieces, an X 
client and an X server, each of which can run with 
different privileges. 

Security through multiple tiers and isolation is also 
one reason why I am very impressed with the Sun 
ONE architecture. It’s no accident that the Sun ONE 
range of products reads like a feature list, 
not a product list. If you run Sun’s directo- 
ry server, metadirectory server, identity 
server, authentic tion server, portal server, 
Web server and other processes in isolated 
environments, you increase the security of 
your system dramatically, because you 
can’t easily use one process to crack a 
weakness in another. If you wrapped all 
those features into one software product 
— or, worse, a bundle of software products 
that share DLLs on the same machine — 
you'd end up with an interdependent mess 
of server processes that can steal each oth- 
er’s privileges at the drop of a hat. D 
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gether. Today, SDCM tools tap enter- 
prise directories for role-based soft- 
ware distribution, allowing automatic 





By Robert L. Mitchell 


Software distribution and config- 
uration management (SDCM) 
tools initially targeted the auto- 
mation of application software 
deployments and updates. Now, 
vendors focus on the entire PC life cycle, seeking 
to give desktop support groups their Holy Grail - 
the ability to deliver a machine, install the base op- 
erating system image, layer on the application sets, 


| and provide ongoing updates, self-healing features 
| and support without touching the hardware. 


The traditional approach to SDCM, using imag- 
ing software to manage desktops, doesn't scale 
well because a unique image must be maintained 
for every desktop hardware and software configu- 
ration. A software update or service pack forces 
reimaging of all machines, which can easily take an 
hour or more per computer. Software distribution 


| tools make the process more efficient by layering 


application sets on top of a stripped-down base- 
line image - or in some cases eliminating the 
imaging step altogether. 

The savings in staff time are substantial, says 
Matthew Krieger, associate director of global net- 


| work architecture services at The Reader's Digest 


| on third-party relationships to 
complete the PC life cycle 


| and personalization software 





| that adds user-specific attrib- 


Association Inc. in Pleasantville, N.Y. “A help desk 
guy with benefits is going to cost you $100,000 
per year,” he says. 

In addition, most tools now work with enterprise 


| * 
directory services, such as Microsoft Corp.'s Active 


Directory (AD), to enable customized application 
distribution based on the user's role, location or 
business unit. The move from machine-based to 


| directory-based application deployment means 
| users always get what they're entitled to when they 


log on, says Ronni Colville, an analyst at Stamford, 
Conn.-based Gartner Inc. But, she cautions, the 
degree to which the tools work with AD has yet to 
be fully proven in the field because of the limited 
number of AD deployments. 

SDCM vendors claim they do it all, but most rely 


picture. This includes tools for 
creating the baseline disk im- 
age, application packagers 
that customize the installation 
process for each program, 


should stay in-house 
Quicklink: 32312 


Distribution tool book: Visit our online list 
of software distribution resources. 


QuickLink: 32311 
www.computerworld.com 


Sorting Out the Software Distribution Tools 


Software dis- 
COMPETITORS tribution fea- 
tures can be 
found in enterprise management 
frameworks, such as IBM’s Tivoli 
Configuration Manager and Com- 
puter Associates International Inc.’s 


Unicenter, as well as in desktop man- | 


agement suites like Microsoft Corp.'s 
Systems Management Server. The 
latter includes software distribution 
as well as inventory, software meter- 
ing and remote control functions. 

In contrast, best-of-breed prod- 


ucts, such as Novadigm Inc.’s Radia, 
tend to have more advanced features 
but cost more than broader offer- 
| ings, says Ronni Colville, an analyst 
at Gartner Inc. in Stamford, Conn. 
Novadigm, Marimba Inc. in 
| Mountain View, Calif., and Manage- 
Soft Corp. in Nashua, N.H., excel at 
providing software distribution ser- 
vices to business partners and cus- 
tomers outside the corporate fire- 
wall, says Colville. 
Novadigm also supports a broad 
| range of client types, while other 








| company spokesperson. CCM’s 


firms may be more limited. Wal- 
tham, Mass.-based On Technology 


Corp.’s On Command CCM, for ex- 


ample, specializes in deployment of 
Windows clients, but the vendor is 
working on Linux support, said a 


deployment of new PCs without the 
need to first create an operating sys- 
tem image. The technology lever- 

ages Intel Corp.’s Preboot Execution 
Environment (PXE), a function em- | 
bedded in most PCs that can be used | 


“preOS agent” will fully automate | 
| 
| 





DOES OUTSOURCING WORK? 


Some elements of software distribution 
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utes, such as browser bookmarks. But the distribu- 
tion software often serves as the management 
umbrella, coordinating all steps in the process. 

In addition to the ability to push applications out 
to users, some products include a self-service fea- 
ture that lets users pick from a menu of optional 
applications. Many vendors have also begun 
rolling in support for mobile devices and personal 
digital assistants, which used to require third-party 
add-ons. And while many products allow manage- 
ment of clients outside the corporate firewall, not 
all have the capabilities required to support remote 
business partners or customers, Colville says. 

One technical glitch: In large-scale rollouts, net- 
work bandwidth can be an issue. However, with 
some products, updates “trickle down” to PCs for 
later execution on the local machine, and most al- 
low CD-based distribution of updates. Microsoft's 
| new Background Intelligent Transfer Services ap- 
plication programming interface, introduced with 
Windows XP, could become a de facto standard 
for bandwidth throttling, as well as for checkpoint/ 
restart (so interrupted deployments can continue 
where they left off) on Windows desktops. 

But the barrier to successfully using SDCM tools 
isn't entirely technical. Many attempts fail because 
of a lack of upfront preparation and established 
desktop management policies. “No tool is going to 
make a company that has really [lousy] disciplines 
around asset management and desktop manage- 
ment into a star,” says Krieger, who's migrating 
4,000 desktops to Novell Inc.'s ZENworks. “We 
spend an incredible amount of time pushing out 
documentation and standards. That's the bulk of 
the time, not the technical implementation.” 

And that preparation should include an applica- 
tion inventory, says Judi Folkert, packaging pro- 
grammer analyst at Zeeland, 
Mich.-based furniture maker 
Herman Miller Inc. By con- 
solidating its application 
base from 450 to 120, Her- 
man Miller greatly simplified 
the deployment process 
across its 8,000 PCs. “That's 
a real cost-saver,” she says. 





| for remote installation of both the 


operating system and applications. 
Novell Inc.’s ZENworks for Desk- 


| tops 4, which was released Aug. 27, 
| is perhaps one of the most advanced 
| software distribution tools because 


of the way it leverages directory ser- 
vices. A new feature, ZENworks 
Synergy, has a portal interface that 


| lets users access their Windows 


desktops from any Web-connected 
PC. Version 4 also abandons the re- 
quirement for an IPX client and sup- 
ports updates via HTTP. 
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Tips for a 
Successful 
Software 
Distribution 
Project 


REDUCE COMPLEXITY 
Cut project time by 
first reducing the variety 
of desktop hardware, 
operating systems and 
applications. 


SET POLICIES 
Establish policies and 
standards for desktop 

management before 
bringing tools into 
the picture. 


BUILD A DIRECTORY 
Software distribution 
tools are more powerful 
when they leverage 
profiles set in Active 
Directory or equivalent 
network directories. 


SET EXPECTATIONS 
Users must understand 
that some lockdown of 
the desktop is required 
to maintain consistency 

and stability. 


ALLOCATE STAFF 
Software distribution 
tools may reduce help 

desk costs, but trained 
staff must create and 
manage policies, package 
applications and manage 
these new tools. 


TECHNOLOGY 


DEPLOYMENT SNAPSHOT 


The Home Depot 
Inc., Atlanta 


INTERVIEWEE: Stan Alexander, vice presi- 
dent of information services 





WHO THEY ARE: Building supply retailer 


GOAL: To fully automate management of 
PCs in retail stores, from initial deployment to 
ongoing configuration management and sup- 
port. Must be able to perform unattended re- 
builds of corrupted machines without on-site 
technical support 





STRATEGY: Install Waltham, Mass.-based 
On Technology Corp.'s ON Command CCM 
master server in Atlanta, with remote distrib- 


Pasting Telstra relied on a homegrown 
software distribution program, 
until it became a victim of its 
own success. “It got so good 
that everyone developed apps 

and distributed them,” says Andrew Knight, 
national manager of infrastructure tech- 
nology at the telecommunications company 
In time, the number of applications ballooned 
to an unmanageable 1,500 across 40,000 
desktops in 650 locations. 

In November, Telstra upgraded to Mahwah, 
N.J.-based Novadigm Inc.'s Radia, which de- 
ploys applications through 20 distributed 
staging servers and allows software distribu- 
tion and management through firewalls. Now 


Telstra’s Software 





ution servers in each store. Ship PCs from 
vendors with a blank drive and Intel’s preboot 
execution (PXE) function enabled. Configure 
CCM to detect machines on PXE boot-up, 
display a menu of machine profiles, with 
identifying information such as “paint ma- 
chine,” and perform an unattended install of 
Windows and all related applications and de- 
vice drivers on the target machine. Use CCM 
to remotely manage, update and rebuild 50 
to 60 machines in each store as needed. 


CHALLENGES: Alexander wanted to aban- 
don using imaging technology, which re- 
quired maintaining different baseline images 
for each system. CCM's native unattended in- 
stall option could run through the entire in- 
stall process instead of downloading a static 
image, allowing it to detect hardware vari- 


Knight says, “We don't go to the desktop 
anymore to do anything unless it’s broken.” 

Initially, Telstra tried to use the old soft- 
ware distribution methodologies with the 
new technology. “There were procedures 
that everyone did and said they had to keep 
doing. We did a few things badly, which end- 
ed up costing us a lot of time in terms of how 
we packaged and distributed software,” 
Knight says. But with new procedures, distri- 
bution times have been reduced from 10 
weeks to as little as a few hours. 

Using Radia, Telstra creates a base image 
that includes the operating system, Microsoft 
Office and a few utilities. It then layers on the 
appropriate line of business applications 


Applications 





Distribution Process 


Telstra leverages Active Directory policy 
data for users and groups to determine each 
user’s software configuration. Radia agent 
software running on a local desktop or per- 
sonal digital assistant (PDA) (1) sends user 
information to a configuration server (2), 
which makes a Lightweight Directory Access 
Protocol (LDAP) calli to the Active Directory 
server to retrieve ihe configuration informa- 
tion (3). A local server (4) then deploys the 
appropriate applications. Radia uses a sepa- 
rate server to inventory each user’s software 
configuration (5). Administrators access the 
system through a Web interface (6). 


Local Radia 
proxy server 


Applications 


a 
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ances and load the appropriate drivers. “It 
gave us the ability to be hardware-indepen- 
dent,” he says. 





ISSUES: Alexander says that so far, the 
company hasn't experienced any problems. 





PAYOFF: Home Depot has used CCM to de- 
ploy 1,000 new systems. Alexander plans to 
| roll the technology out to all 20,000 PCs in 
February. At that point, the company should 
No longer need to dispatch technicians to 
stores for software-related issues. 





COMMENTS/ADVICE: ‘[CCM's] focus is 
Clear. It's optimized for Windows operating 
| system management and installation. It really 
| deals with laying down the OS well and . . . 
being able to remotely trigger that rebuild.” 





based on the user profiles in Active Directory 

Telstra's PC vendors already ship ma- 
chines with the base image preloaded. Next, 
Knight plans to install Radia staging servers 
at supplier sites to enable them to do the rest 
of the work. The servers will communicate to 
the Radia infrastructure through a virtual pri- 
vate network to obtain user-specific configu- 
ration data and download software. The ma- 
chine will then be shipped to the end user, 
who can plug it in and start working. 

Knight says the project's success hinged 
on people issues. “Our biggest challenge 
was getting the business units to accept the 
change,” he says, adding that such accep- 
tance was critical 
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SDCM Tools 


Software distribution and configuration 
management (SDCM) tools can orches- 
trate everything from initial system 


FDO. Si 


configuration man- 

agement and ongoing 
updates. However, most rely on third- 
party products to pull the pieces to- 
gether. Today, SDCM tools tap enter- 
prise directories for role-based soft- 
ware distribution, allowing automatic 
updates to application sets when a 
user's responsibilities change. But 
administrators caution that the tools 
must be built on proven desktop man- 
agement policies and you need talented 
staffers to manage them. 


Software distribution and contig 
uration management (SDCM) 
tools initially targeted the auto 
mation of application software 
deployments and updates. Now 
vendors focus on the entire PC life cycle, seeking 
to give desktop support groups their Holy Grail 
the ability to deliver a machine, install the base op 
erating system image, layer on the application sets. 
and provide ongoing updates, self-healing features 
and support without touching the hardware 
The traditional approach to SDCM, using imag 
ing software to manage desktops, doesn't scale 
well because a unique image must be maintained 
for every desktop hardware and software configu 
ration. A software update or service pack force: 
reimaging of all machines, which can easily take an 
hour or more per computer. Software distribution 
tools make the process more efficient by layering 
application sets on top of a stripped-down base 
ine image — or in some Cases eliminat ng the 
imaging step altogether 
The sav 
Matthew Krieger, associate director of global net 


t at The Reader's Digest 


ings in staff time are substantial, says 


work architecture services 


Association Inc. in Pleasantville, N.Y. “A help desk 
guy with benefits is going to cost you $100,000 
per year,” he says 


In addition, most tools now work with enterprise 


directory services, such as Microsoft Corp.'s Active 


Directory (AD), to enable customized application 
distribution based on the user's role, location or 
business unit. The move from machine-based to 
directory-based application deployment means 


users always get what they're entitled to when they 


log on, says Ronni Colville, an analyst at Stamford, 
Conn.-based Gartner Inc. But, she cautions, the 
degree to which the tools work with AD has yet to 
be fully proven in the field because of the limited 
number of AD deployments 

SDCM vendors claim they do it all, but most rely 
on third-party relationships to 
complete the PC life cycle 
picture. This includes tools for 
creating the baseline disk im 
age, application packagers 
that customize the installation 


process for eact 


Distribution tool book: V 


1 program hentis 


and personalization software 


that adds user-specific attrib 


Sorting Out the Software Distribution Tools 


Software dis 

tribution fea 

tures can be 
found in enterprise management 
frameworks, such as IBM’s Tivoli 
Configuration Manager and Com 
puter Associates International Inc.’s 
Unicenter, as well as in desktop man 
agement suites like Microsoft Corp.'s 
Systems Management Server. The 
latter includes software distribution 
as well as inventory, software meter 
ing and remote control functions. 

In contrast, best-of-breed prod- 


ucts, such as Novadigm Inc.'s Radia, 
tend to have more advanced features 
but cost more than broader offer 
ings, says Ronni Colville, an analyst 
at Gartner Inc. in Stamford, Conn. 

Novadigm, Marimba Inc. in 
Mountain View, Calif., and Manage 
Soft Corp. in Nashua, N.H., excel at 
providing software distribution ser 
vices to business partners and cus 
tomers outside the corporate fire 
wall, says Colville. 

Novadigm also supports a broad 
range of client types, while other 


firms may be more limited. Wal 
tham, Mass.-based On Technology 
Corp.'s On Command CCM, for ex 
ample, specializes in deployment of 
Windows clients, but the vendor is 
working on Linux support, said a 
company spokesperson. CCM’s 
“preOS agent” will fully automate 
deployment of new PCs without the 
need to first create an operating sys 
tem image. The technology lever- 
ages Intel Corp.’s Preboot Execution 
Environment (PXE), a function em- 
bedded in most PCs that can be used 


vare distriDut 
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utes, such as browser bookmarks. But the distribu 
tion software often serves as the management 
umbrella, coordinating all steps in the process 

In addition to the ability to push applications out 
to users, some products include a self-service fea- 
ture that lets users pick from a menu of optional 
applications. Many vendors have also begun 
rolling in support for mobile devices and personal 
digital assistants, which used to require third-party 
add-ons. And while many products allow manage- 
ment of clients outside the corporate firewall, not 
all have the capabilities required to support remote 
business partners or customers, Colville says. 

One technical glitch: In large-scale rollouts, net- 
work bandwidth can be an issue. However, with 
some products, updates “trickle down” to PCs for 
later execution on the local machine, and most al- 
low CD-based distribution of updates. Microsoft's 
new Background Intelligent Transfer Services ap 
plication programming interface, introduced with 
Windows XP, could become a de facto standard 
for bandwidth throttling, as well as for checkpoint/ 
restart (so interrupted deployments can continue 
where they left off) on Windows desktops 

But the barrier to successfully using SDCM tools 
isn't entirely technical. Many attempts fail because 
of a lack of upfront preparation and established 
desktop management policies. “No tool is going to 
make a company that has really [lousy] disciplines 
around asset management and desktop manage 
ment into a star,” says Krieger, who's migrating 
4,000 desktops to Novell Inc.'s ZENworks. “We 
spend an incredible amount of time pushing out 
documentation and standards. That's the bulk of 
the time, not the technical implementation.” 

And that preparation should include an applica- 
tion inventory, says Judi Folkert, packaging pro- 

| grammer analyst at Zeeland, 
CING WORK? Mich.-based furniture maker 
iacara (hath “Herman Miller Inc. By con- 
solidating its application 
base from 450 to 120, Her 
man Miller greatly simplified 
the deployment process 
across its 8,000 PCs. “That's 


areal cost-saver,” she says. 


ion resources 


for remote installation of both the 
operating system and applications. 

Novell Inc.'s ZENworks for Desk 
tops 4, which was released Aug. 27, 
is perhaps one of the most advanced 
software distribution tools because 
of the way it leverages directory ser 
vices. A new feature, ZENworks 
Synergy, has a portal interface that 
lets users access their Windows 
desktops from any Web-connected 
PC. Version 4 also abandons the re- 
quirement for an IPX client and sup 
ports updates via HTTP. 
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Tips fora 
Successful 
Software 
Distribution 
Project 


REDUCE COMPLEXITY 
Cut project time by 
first reducing the variety 
of desktop hardware, 
operating systems and 
applications. 
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SET POLICIES 
Establish policies and 
standards for desktop 


TECHNOLOGY 


| dent,” he says. 


The Home Depot 
Inc., Atlanta | execution (PXE) function enabled. Configure | 
| CCM to detect machines on PXE boot-up, io nscarieatae 


INTERVIEWEE: Stan Alexander, vice presi- | display a menu of machine profiles, with 
dent of information services | identifying information such as “paint ma- | 

ae | chine,” and perform an unattended install of | — : 
WHO THEY ARE: Building supply retailer | Windows and all related applications and de- | 


GOAL: To fully automate management of 
PCs in retail stores, from initial deployment to | io G0 machines trench sioreas nanded 
ongoing configuration management and sup- 

port. Must be able to perform unattended re- 


technical support don using imaging technology, which re- 


Breaking From the Past 


jht says, “We don’t go to the desktop 


| ISSUES: Alexander says that so far, the 
company hasn't experienced any problems 


PAYOFF: Home Depot has used CCM to de- 
| vice drivers on the target machine. Use CCM | ploy 1,000 new systems. Alexander plans to 
| to remotely manage, update and rebuild50 — | roll the technology out to all 20,000 PCs in 
| February. At that point, the company should 
| no longer need to dispatch technicians to 


builds of corrupted machines without on-site | CHALLENGES: Alexander wanted to aban- | Stores for software-related issues 

| quired maintaining different baseline images | COMMENTS/ADVICE: “[CCM’'s] focus is 

| for each system. CCM's native unattended in- | clear. It's optimized for Windows operating 
STRATEGY: Install Waltham, Mass.-based —_{ stall option could run through the entire in- | system management and installation. It really 
On Technology Corp.'s ONCommand CCM __| stall process instead of downloading a static | deals with laying down the OS well and 
master server in Atlanta, with remote distrib- image, allowing it to detect hardware vari- | being able to remotely trigger that rebuild.” 
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DEPLOYMENT SNAPSHOT 


ution servers in each store. Ship PCs from | ances and load the appropriate drivers. “ 
vendors with a blank drive and Intel's preboot | gave us the ability to be hardware-indepen- 


management before Telstra relied on a homenrowr 
bringing tools into CASE STUDY i a a siedion “ i 
the picture. MSD LeRE until it became a victim of it 
WADA own success. “It got so good 
eseiihoue that everyone developed 


and distributed them,” says Andrew 
national manager of infrastructure tect 


BUILD A DIRECTORY nology at the telecommunications comr 
Sateaie daiiticlinn In time, the number of appli ations ¥é 
tools are more powerful to an unmanageable 1,500 across 40 
when they leverage desktops in 650 locat ons 
profiles set in Active In November Telstra upgraded to Mahwat 
Directory or equivalent N.J.-based Novadigm Inc.'s Radia, which de 


: : loys applications through 20 dis' 
network directories. ae is 
staging servers and allows software 


tion and management through firewalls. Now 


anymore to do anything unless it's broken.” 

Initially, Telstra tried to use the old soft 
ware distribution methodologies with the ans to 
new technology. “There were procedures at supplier sites to enable them to do the rest 
that everyone did and said they had to keep f the work. The servers will communicate to 
doing. We did a few things badly, which end- the Radia infrastructure through a virtual pr 
ed up costing us a lot of time in terms of how 
we packaged and distributed software,” ration data and download 
Knight says. But with new procedures, distri- | 
bution times have been reduced from 10 
veeks to as little as a few hours 

Using Radia, Telstra creates a base image 
that includes the operating system, Microsoft 
Office and a few utilities. It then layers on the 


appropriate line of business applications 


te network to obtain user-specific 


SET EXPECTATIONS 
Users must understand 
that some lockdown of 
the desktop is required 
to maintain consistency 

and stability. 


o 


ALLOCATE STAFF 
Software distribution 
tools may reduce help 
desk costs, but trained 
staff must create and 

manage policies, package 
applications and manage 
these new tools. 


Telstra’s Software 
Distribution Process 


Telstra leverages Active Directory policy 
data for users and groups to determine each 
user’s software configuration. Radia agent 
software running on a local desktop or per- 
sonal digital assistant (PDA) (1) sends user 
information to a configuration server (2), 
which makes a Lightweight Directory Access 
Protocol (LDAP) call to the Active Directory 
server to retrieve the configuration informa- 
tion (3). A local server (4) then deploys the 
appropriate applications. Radia uses a sepa- 
rate server to inventory each user's software 
configuration (5). Administrators access the 
system through a Web interface (6). 


Local Radia 
proxy server 


Conf 


Desktop or 
PDA client 


REMOTE OFFICE 


Directory 
server 
(Active 

Directory) 


Administrators 


HEADQUARTERS 








COTT VINKEMULDER’S job is 
to make sure other people 
know how to do their jobs. 
Two years ago, that task 
required a staff of 20 course- 
ware developers and a printing budget 
of $30,000. Now Vinkemulder gets the 
job done with a staff of five, including 
himself, and he hasn’t had 
to print so much as a note- 
card in recent memory. 

Vinkemulder heads the 
training group at Grand Rapids, Mich.- 
based Steelcase Inc., where he recently 
had to move 2,000 of the industrial fur- 
niture maker’s employees to the latest 
version of SAP. He achieved the ac- 
complishment in record time, he says, 
using SoftSim 3.0, a training package 
from Boston-based OutStart Inc., over 
the Web. 

Vinkemulder says that in the past, 
Steelcase relied on printed materials 
and complex training programs to bring 
employees up to speed on new applica- 
tion and software changes. But he dis- 
liked using printed materials, which 
can quickly become outdated and for 
which version control is almost impos- 
sible, especially in satellite offices. 

The Web allows greater flexibility, 
but its true advantage is the ability to 
make changes and updates in real time. 
SoftSim provides that capability, Vin- 
kemulder says. 


How It Works 


With SoftSim, training materials are 
prepared by simply recording all the 


| 
| 
| 
| 
| 
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oteelcase 
otreamiines 


OAP Trainin 


Furniture maker turns to OutStart 
for learning tool that helps cut costs 
and train staff. By Brian Sullivan 


actions performed by someone using 
the target software. As the trainer 
works his way through the target ap- 
plication, SoftSim records every key- 
stroke and mouse click and any other 
action he may make, says Gene Zylkus- 
ki, vice president of client solutions at 
OutStart. 

A trainee then can follow 
that trail of actions by run- 
ning SoftSim on his own 
machine, explains Out- 


Start’s national SoftSim manager, Peter | 


Clayman. 

The user will see a virtual version of 
the target application and watch it go 
through each step in its process, all of 





which is made possible by a Java applet 
that puts up the right screenshot at the 
appropriate time, Zylkuski says. 

SoftSim allows actions to be edited 
or condensed where necessary to 
make the training easier to follow. For 
instance, if a trainer types the word 
frog, SoftSim initially records each let- 
ter as a separate action. When prepar- 
ing the training materials for distribu- 
tion, typing the word frog could be re- 
duced to a single activity. 

Audio and text can also be added to 
give extra instructions where needed, 
Clayman says. For instance, a voice- 
over could say something like, “At this 


| point, type the word frog.” 


Users can experience the training 
materials in a variety of ways. They 
can be walked through a “show-me” 
mode, where SoftSim shows them each 
step required to complete a specific 
task. The training package also offers a 
self-test mode that records user ac- 
tions. When the user is finished, Soft- 
Sim tells him if he made mistakes and, 
if so, what they were. The self-test 
mode allows companies to set mini- 
mum proficiency requirements for 
workers and then have a built-in 
method for testing them. 

Vinkemulder says that Steelcase 
now has 70 Web-based SAP courses 
that can be updated whenever needed. 

That is one of the big selling points 
of SoftSim, according to IDC analyst 
Michael Brennan. Companies can up- 
date older training materials as new 
versions of software are released. That 
way, if a program is only partially up- 
dated, old versions don’t have to be 
completely discarded but can be easily 
altered to reflect the changes. 

Vinkemulder says SoftSim allowed 
Steelcase to set up a help table for em- 
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Staalraca 
Steelcase Inc. 
OBJECTIVE: In the short term, to train 
workers for a new version of SAP. In gener- 
al, to improve training for Steelcase’s 
workers by moving away from the use of 


printed materials and toward automated, 
but highly specific Web-based training 


OBSTACLES: Difficulty in making real- 
time updates for detailed software simula- 
tions and providing training materials for a 
large number of software applications. 


SOLUTION: Steelcase deployed SoftSim 
3.0, which has allowed the company to re- 
duce training staff to meet the objectives. 


ployees that can determine which of 
some 25,000 possible transactions a 
user is making. It then matches that ac- 
tivity to a step in the training materi- 
als. So if someone in the call center is 
trying to help a client and gets stuck, 
he can call up the training materials 
while he’s on the phone with the client 
| and get an answer quickly enough to 
keep the transaction going smoothly. 

“It doesn’t solve world hunger... 
but it saves us a lot of time and mon- 
ey,” Vinkemulder says. 

All in all, Brennan says, SoftSim is a 
good tool for creating reusable content 
and helping users learn how to use a 
software application on their own. It 
may be a useful tool for organizations 
that see a lot of changes to applica- 
tions, especially as a result of govern- 
ment regulation, he notes. 

SoftSim costs $10,000 per developer; 
for a deeper level of customer support, 
there is an additional 18% maintenance 





| charge. D 


QutStart’s SoftSim Training Package 


@ GENERATOR: A Java ap- 
plet enables playback. 
Documentation is pro- 
vided in Microsoft Word 
or HTML format. 


@ carture ENGINE: 
Automatically re- 
cords all keystrokes 
and mouse clicks 
made by an applica- 
tion expert complet- 
ing a process. 


@ EDITOR: Allows train- 
er to add voice-over 
annotation, sticky- 
note annotation and 
screen-prompt 
annotation. 


PROJECT 


FILES > 


@ PLAvBAck: A Web-based 
simulation is advanced when the 
user performs the correct action 
on each application screen. 





re eerer beg 


£3¢% 


HOW DOES § 
_PETER HARRINGTON BO 


PLAY TO WIN? 


DEERE ail 


(server 


_ +> ————_——— —— - - — oa 


| Winning with e-commerce: re’s some Yew at London's antiquarian | 
Harrington. They're selling 2 oe ne 2 on the Web. Their platform? T 


s 
| ( 
| IBM @server xSeries™ § >t xSeries r 5 he Intel®? Xeon™ pro sor € 
| performance and cost-effective or a cor mplimer ntary OG in on how growing compan 
j | IT to advance “ sina@cc = . 
to advance their business, « /eserver/peterharring © business 
is the Pa hin 
| | nr er 
| 


[a _ - SSS SSS eS 








(server 


Linux” ready with self-managing features for every e-business. 


Intel-based / xSeries 

It’s an affordable and powerful 
combination of mainframe- 
inspired reliability and smart 
systems management toois 


UNIX’ / pSeries 
Highly available, highly affordable 
and highly coveted. The pSeries is 
the platform of choice for powerful 
UNIX and Linux solutions 
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play e-Business t 
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Mainframe / zSeries 

Maximum reliability, maximum power 
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demands of today’s e-businesse 
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TECHNOLOGY 


CPUs Cut | 


Banias, will be the first de- 
signed from the ground up 
for notebook computers. The 
company says Banias will be 
the highest-performing and 
most power-efficient chip 
ever produced for notebooks 
when it debuts next year. 

But Intel has no monopoly 
on power-saving CPUs. Ad- 
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@ POWER USAGE 
Where the Juice Goes 


Chip vendors are spending millions of dollars to extend battery life by making 
microprocessors more power-efficient. But according to Intel, the CPU and its 
associated chip set account for only about 10% to 25% of a portable computing 
device's total power consumption. The biggest power hog is the display, which in 
typical usage consumes about a third of total power. Here’s a breakdown of pow- 
er use by a notebook PC equipped with a Mobile Intel Pentium 4 Processor-M. 


The Power 


New processors will boost mobile com- 
puting performance while consuming a 
fraction of the power of traditional designs. 


By Gary H. Anthes 


When Bristol-Myers Squibb 
Pharmaceuticals U.K. Ltd. in 
Middlesex, England, first mi- 
grated its sales force to note- 
book PCs in 1996, the two- to 
three-hour battery life caused 
frequent interruptions during 
sales calls. Not surprisingly, 
many salespeople - 
went back to paper 
presentations. 
That’s changing 
today, as new low- 
power processors 
emerge that let mobile com- 
puter users do more while 
consuming less power. 

New technologies are dri- 
ving the power requirements 
of microprocessors ever lower 
— even as their capabilities 
increase. In the short term, 


| 
| 
| 
| 
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é S 
users of mobile devices are 


@ TECH SPECS 


Chip Makers’ 
Power-Saving 
Techniques 


CPU designers use several tech- 
niques to lower overall power 
consumption. These include 
Tighter designs: By packing 
circuits closer together, designers 
can reduce transmission distances 
and power consumption. Intel's 
Banias processor uses 0.13-micron 
technology, and 0.09-micron de- 
signs are under development. 
Power management: Intel's 
SpeedStep technique reduces 
processor frequency and voltage 
levels when running on battery 
power, while its Deeper Sleep 
feature reduces voltage to nearly 


| enjoying longer battery life, 
| but in the long term, these 


| ing and communications gear. 


oped more than 50 processors 


EMERGING: 
TECHNOLOGIES 


—_——— 


| al applications at once while 


| microprocessor, code-named 


; : | 
low-power designs will lead 


to new applications and new 
ways of using portable comput- 


Intel Corp., which has devel- 


just for notebook 
computers, re- 
cently announced 
its first 2~GHz 
mobile processor, 
the Mobile Intel 
Pentium 4 Processor-M. Intel 
says the CPU will enable a 
laptop computer to run sever- 


also running background tasks 
such as encryption, compres- 
sion or virus scanning. 

Intel’s next-generation 





zero during extended periods of 
inactivity. The results: The Banias 
processor should consume be- 
tween 380 megawatts and 2 
watts, vs. 10 to 15 watts for a Pen- 
tium 4, according to Intel. 

AMD's Athlon and Duron 
processors use low-voltage oper- 
ations and techniques such as 
“clock gating,” in which inactive 
circuits are powered down. AMD's 
new 0.13-micron mobile Athlon 
XP processor uses the chip mak- 
er's PowerNow technology, which 
dynamically adjusts processor 
frequency and voltage according 
to the needs of the application. 

Code morphing: Transmeta’s 
“code morphing” processor de- 
sign moves some instructions 
from hardware to software. The 
processor gathers statistics as it 
runs, and when it finds heavily 


| technology. 


| 405LP features “ultra-low- 


vanced Micro Devices Inc. in 
Sunnyvale, Calif., offers low- 
power versions of its Athlon 
and Duron lines of notebook 
processors. And late next year, 
the company plans to intro- 
duce its low-power ClawHam- 
mer processor based on more 
energy-efficient 0.09 micron 


IBM’s announced PowerPC 


power operation” for use in 
portable devices such as per- 
sonal digital assistants (PDA). 
Its ability to scale voltage and 
frequency almost instanta- 
neously with the needs of the 
application will enable new 
capabilities for PDAs, such 
as audio and video, says Lisa 
Su, director of emerging prod 
ucts at IBM Microelectronics. 
“That happens in software,” 
she says. “As soon as the song 
finishes, I ramp down to the 
lowest power consumption.” 
While Intel, AMD, IBM and 
others use power-saving tech- 
niques that are similar in con- 
cept, Transmeta Corp. in Santa 
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used sequences of x86 instruc- 
tions, it dynamically recompiles 
them into optimized native code 
for the Crusoe processor 
Off-loading: Another power- 
saving trick involves off-loading 
some of the CPU's workload by 
embedding software functions 
in a separate hardware chip. As 
users increasingly demand com- 
pute-intensive applications, that 
will be one path to power savings 
in IBM's PowerPC 405 LP line of 
mobile processors, says Lisa Su, 
director of emerging products at 
IBM Microelectronics. “There are 
special functions we can put in 
hardware - encryption, speech 
acceleration, media acceleration 
and so on,” Su says. “Using hard- 
ware to accelerate what is current- 
ly done 100% in software reduces 


| blown operating systems, such 
| as Windows XP, and so will be 


| ments were enough to con- 
| vince Bristol-Myers to pur- 


| Book. “Our requirement was 


| Hurst, head of IM and tele- 





overall power consumption.” 


14.1-in. LED 
XGA display 


Clara, Calif., takes a different 
path with its “code morphing” 
technology. Its Crusoe proces- 
sor consumes up to 70% less 
power than comparable Intel 
x86 processors and enables 
all-day battery life in some 
notebooks, Transmeta claims. 
Processors that consume 
small amounts of power will 
enable tiny devices to run full- 


able to run more applications, 
says David Ditzel, marketing 
vice president at Transmeta. 
And he says wireless network- 
ing is leading to new usage 
patterns, such as carrying a 
computer to meetings all day. 
That requires longer battery 
life and lighter weight. 
Current power improve- 


chase Sony Corp.’s Crusoe- 
powered Vaio CIVE Picture- 


to provide five hours or so of 
life to the mobile sales force 
without recharge.” says David 


communications. With im- 
proved processor designs on 
the way, Hurst may just need 
to raise his expectations. D 


POWER PLAY 
Find out why CPU power cuts aren't likely 
to lengthen battery life 


QuickLink: 32112 
www.computerworld.com 
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@ APPLICATIONS 


Processors 
Cool for Blades 


LOW-POWER PROCESSORS, 
which are important in battery- 
powered mobile computing de- 
vices, may play an even bigger 
role in blade servers. Because 
they generate less heat, low- 
power CPUs can be packed 
tightly together. Intel's Pentium Ill 
ultra-low-voltage CPU, used in 
blade servers, runs cooler than 
human body temperature, claims 
Don MacDonald, Intel's mobile 
platform marketing director. 

Los Alamos National Labora- 
tory in New Mexico has built its 
Green Destiny Bladed Beowulf 
cluster using 240 Transmeta 
Crusoe processors operating at 
667 MHz. The machine has been 
operating without cooling fans 
for some 10 months in a ware- 
house where temperatures rou- 
tinely reach 85 degrees, while 
computing at a peak rate of 160 
billion operations per second. 
Green Destiny consumes less 
than 10% of the electricity and 
25% of the space used by more 
traditional computer clusters of 
similar power, Los Alamos says. 

“Low power is a good thing, 
no matter where you do it, 
plugged in or not,” says Ken 
Dulaney, an analyst at Gartner 
Inc. in Stamford, Conn. 
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'M SITTING AT MY DESK, looking 

at what must be the mother of 

all flat-panel monitors: a high- 

resolution LCD screen measur- 

ing 23.1 in. diagonally. This is 

so much bigger than any other 
monitor I have ever used that it’s al- 
most disorienting. 

The WS231 from Planar Systems Inc. 
in Beaverton, Ore., carries a list price 
of $3,500 but is available for about 
$2,800 — or about what an 18-in. flat 
panel cost just three years ago. The 
screen’s native resolution is 1,600 by 
1,200 pixels, which is sometimes called 
UXGA, for Ultra Extended Graphics 
Array. It allows you to easily view two 
full pages of text side by side. Open up 
a blank Excel spreadsheet full-screen 
and it starts out showing you 24 col- 
umns and 57 rows. 

Having so much screen real estate 
available actually changed the way I 
worked, because it allowed me to keep 
many more windows in view. If you’ve 
ever tried using a monitor smaller than 
20 in. with UXGA video, you know 
that text and bit-mapped icons can be 
so small that they’re nearly impossible 
to read. With the WS23l’s big screen, 
however, I could easily read 
the text in menus, in windows 
and on the desktop. 

Of course, making use of all 
those windows and supporting 
the high-resolution screen 
cries out for a workstation with plenty 
of RAM and, even more important, 
video memory — a minimum of 8MB. 
My 3-year-old Dell Latitude laptop, for 
example, has 256MB of RAM, which is 
plenty, but only 4MB of video RAM. 
That lets me display 16.7 million colors 
at 1,024 by 768 pixels, but only 256 at 
1,280 by 1,024. 

The Latitude’s video card doesn’t 
support any higher resolutions, but 
even if it did handle UXGA, it would 
be limited to no more than 32 colors, 
and that much only by intensive video 
processing. However, when used with 
the 8MB embedded video card in the 
$199 EasiDock 1O00EV from Mobility 
Electronics Inc. in Scottsdale, Ariz., the 
Latitude worked just fine. 


Smaller and Cheaper 


The Planar is nice, but in a down 
economy and the age of $500 comput- 
ers with gigahertz-class processors, 
only users with a true need — graphics 
workers, financial traders and medical 
doctors reading X-rays online — can 
justify a $2,800 monitor. Fortunately, 
plenty of affordable flat-panel moni- 
tors are available, albeit in smaller 
sizes. Since my last review of flat pan- 
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Big Deals in 
Flat Screens 


The newest batch of flat-panel 
monitors are bigger, better - and 
more affordable. By Russell Kay 


els [QuickLink: 21061], I’ve used 15- to 
18-in. monitors from BenQ Corp., Envi- 


| sion Inc., Compaq, NEC-Mitsubishi 
| Electronics Display of America Inc., 
| Samsung Electronics Co., Sharp Elec- 


tronics Corp. and others. Though I 
found clear differences among them, 
all were more than good enough for 
most applications. 

This time, I tested two $350 15-in. 
monitors — the AOC LM-500 
and the Envision EN-5100e 
from Fremont, Calif.-based 
Envision Peripherals Inc. — 
to see what the low-price end 
of the spectrum delivered. 
Without a side-by-side, instrumented 
comparison with a more expen- 
sive 15-in. monitor, I couldn’t tell 
that I was missing anything. The 


| bigger-name-brand monitors may 
be a little brighter or offer a bit 


more contrast, but that doesn’t 
rule out these value lines. The 


| $350 monitors are, for most users, 
| just as good as the $550 units. 


“4 


I was unable to set these moni- 


| tors up for a side-by-side compar- 


ison of screen quality, but as it 
turns out, I didn’t need to. I tested 
the first of a new generation of 
flat-panel monitors from Sharp 
Systems of America in 


| Huntington Beach, 


Calif., and it’s outstand- 
ing. The 18-in., $1,299 
Sharp LL-T1820B is, by a 
considerable margin, the 
brightest, crispest moni- 
tor I’ve ever used. 

One thing that differen- 
tiates the Sharp from 
any other monitor is 
its support for 10-bit, 
rather than 8-bit, color. This increases 





the number of colors it can accurately 
display from millions to billions, which 
really smooths out gradients and gra- 
dations in color and gray-scale images. 
Your video card doesn’t do 10-bit 
color, you say? No problem. The Sharp 
monitor has built-in circuitry to con- 
vert the color depth. The result is im- 
ages that, depending on the originals, 
show increased separation in both 
shadow and highlight areas. Speaking 
as a predigital photographer, I could 
see that the Sharp monitor instantly 
and almost automatically achieves the 
kind of overall image in black-and- 


| white photographs that I used to work 
| hours to get in the darkroom. 
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Finally, as with many new-design 
LCDs, the Sharp features a very thin 
bezel around the screen, which makes 
the unit seem smaller than it is. Until 
the Planar behemoth arrived, I had 
thought that 18 in. was the optimal mon- 
itor size for computer work at a desk. 


| From a practical point of view, I still 


think that’s the case. At prices between 
$800 and $1,300, 18-in. monitors cost 
what the 15-in. models did a few years 
ago. The best of them produce a su- 
perb, flicker-free picture that’s easy on 
the eyes and offer sufficient screen real 
estate to keep multiple windows open. 

The big-screen Planar was an eye- 
opener in many ways. I will miss hav- 
ing it on my desk. But I will also miss 
the great color and smoothness of the 
18-in. LL-T1820B. Were I buying one of 
these for my own general office needs, 
I'd go with the Sharp. B 
Kay is a freelance writer in Worcester, 
Mass. Contact him at russkay@ 
charter.net. 


THE TECH EFFECT 


Some new technologies could drop big-screen prices. 
QuickLink: 32156 





Online Resources: For more information about these 
monitors, visit the following Web sites 


Q www.envisionmonitor.com 
www.aocmonitor.com 

© www.sharpsystems.com 

Q www.planar.com 





© www.mobl.com 
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Filing It Away 


DEFINITION 
File systems organize and track 
files and associated metadata 
stored on disk drives to allow 
quick and reliable retrieval. 


BY TODD R. WEISS 
ILE SYSTEMS orga- 
nize the data stored 
on computer hard 
drives, keeping track 
of the physical loca- 

tions of all data elements 

on disk while allowing 
users to quickly and reli- 
ably retrieve files when 
needed. 

The file system acts as 

a digital index that lets a com- 

puter instantly find a specific 

file, regardless of the size or 
configuration of the storage 
drive or where the data bytes 
associated with the file sit on 
the drive's storage platters. 
Every operating system, 
from MS-DOS to Windows 

95, Windows XP and Linux, 

has its own file system. But 

although all file systems per- 
form the same basic func- 
tions, they vary in design and 
sophistication. 


UI 


| FAT 


| 
| File systems have come a 
long way since MS-DOS and 
early versions of Windows. 
| Those operating systems orga- 
nized files under the FAT file 
a system, which repre- 
sents logical areas of 
the disk in allocation 
units called clusters, 
and maps the locations 
. of file data to those ar- 
| eas using a file allocation table 
(FAT). FAT is also called 
| FAT16 because it uses a 16-bit 
address space for tracking 
files and clusters. 

FAT clusters vary with the 
size of the disk. FAT’s 16-bit 
address space can support up 
| to 65,536 clusters (2"). With a 
65MB disk, cluster sizes were 
just IKB in size, but they bal- 
| looned as disks emerged that 
were able to hold gigabytes of 
data. And since only a single 
file can be written to a cluster, 





File System Specs 


FILE SYSTEM 


Se a ea 
LENGTH (CHARACTERS) 


VL 
VOLUME SIZE 


| this created inefficiencies that 
ended up wasting as much as 
50% of available space on a 
2GB disk drive. 


FATS2 

FAT32, which debuted with 
Windows 95 OEM Service Re- 
lease 2 (OSR2), introduced a 
32-bit address space. By in- 
creasing the size of the file 
allocation table, it could sup- 
port more clusters that were 
smaller in size on large disk 
drives, reducing the potential 
for wasted drive space. 

Another FAT32 innovation 
was that it could handle file 
names with up to 255 charac- 
ters, whereas FAT could only 
handle names with up to eight 
characters. Users could finally 
create long file names to bet- 
ter describe the contents. 

The advent of FAT32 ex- 
tended the maximum address- 
able volume size from 2GB to 
2TB and improved reliability 
by allowing the system to 
switch to a copy of the file al- 
location table if the default 


But FAT32 also added to file 
system overhead and was 

| therefore inefficient to run 
on disks smaller than 260MB. 


NTFS 


The next development in 
Windows file systems was 





ve 
FILE SIZE 


copy should become damaged. 





the New Technology File Sys- 
tem (NTFS), introduced with 
Windows NT (which also 
supported FAT32). With a 64- 
bit address space and the abil- 
ity to vary cluster size inde- 
pendently of the disk drive 
size, NTFS virtually eliminat- 
ed the cluster size limitation 
problem. 

It also brought other bene- 
fits, including file and directo- 
ry security attributes, file en- 
cryption and support for stor- 
age volumes of up to 16TB and 
232 clusters. 

NTFS replaced the familiar 


| file allocation table format 


with the Master File Table 
(MFT), which holds more in- 


OPERATING SYSTEM 
MS-DOS, Windows 95 


Soe eereesseereeeeseses 


Windows 95 OSR2, 98, Me 
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than 400MB, and it can’t be 
used on floppy disks. Instead, 


| Windows must write to for- 


matted diskettes using FAT32. 


Ext2 


The Linux file system, 
called Extended File System 2 
(Ext2), evolved to rectify limi- 
tations of Linux’s original file 
system, Ext, which the operat- 
ing system inherited from its 
Minix predecessor. Under the 
Minix file system, the maxi- 
mum file system size was 
restricted to 64MB and file 
names to 14 characters. 

Ext supported 2GB file sys- 
tems and 255-character file 
names but suffered from some 
performance limitations. Ext2 
supports 4TB file systems and 
255 character file names and 
remedies those problems. 

The Ext2 architecture uses a 
data structure called identifi- 
cation nodes (inodes) to refer 
to and locate files and associ- 
ated data. The inode table in- 
cludes the file type, size, ac- 


FILE SYSTEM SUPPORT BY OPERATING SYSTEM 


FILE SYSTEMS SUPPORTED 


NTFS, FAT16, FAT32 


See ee eeeeeeeeseeeseseseeeseesees 


Linux 


| formation about files than did 


FAT. The MFT references all 
files and directories on the 
disk drive, including associat- 
ed metadata such as security 
settings. 

The NTFS also introduced 
a high level of fault tolerance. 
It logs disk operation activity 
prior to committing the trans- 
action. If the system crashes 
during an update, it can exam- 
ine the log file and restore 
the data. When read or write 
errors occur during normal 
operation, NTFS automatical- 
ly identifies and blocks out 
the bad clusters and copies 
the data to a new location. 
Finally, NTFS creates a mirror 
of the MFT and can revert 
to the mirror should the orig- 
inal fail. 

NTFS’s overhead makes it 
unsuitable for disks smaller 


Ext2, FAT32, FATI6 


cess rights, pointers to asso- 
ciated data blocks and other 
attributes. The file system or- 
ganizes disk space into groups 
of blocks, which contain both 
inode information and associ- 
ated data blocks. 

The Linux kernel uses the 
Virtual File System layer, 
which interacts with the file 
system to perform disk I/O. 
This gives Linux the ability to 


| support multiple file systems, 
| including DOS, FAT16 and 

| FAT32 (which it supports as a 
| native file system). D 
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infrastructure that achieves your company’s 
goals. Many storage systems are built | ‘ : ; 
piecemeal without a master plan. Stop that ; Research Reports | Welcome: 
trend now and take control! ; Compute 
Security Agenda 
This Executive Briefing details the 
steps you can take to plug gaps | ; 
in your company’s security wr ram 
defenses. This complete | ee) 
package gives the chief f eal Reports 
security officer advice oz Additional Rey 
: anit 
on how to meet any ze EXECUTIVE BRIEFINGS = 
number of problems 5 yn crete v8 eae ee ee mee 
that might arise across 
the entire enterprise 
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TECHNOLOGY 


No Good Policy 
Should Go Unbroken 


New enforcement of an old policy 
reveals that just about everyone 
bends the rules. By Vince Tuesday 


HEN I JOINED my 
current company, 
one of my first acts 
was to roll out a 
password-protected screen 
saver to every desktop, with 
the timeout set to 15 minutes. 
That way, if someone was 
called away from his desk 
without closing an application, 
confidential information 
wouldn’t be indefinitely dis- 
played for all to see. 
Getting this change 
agreed to and rolled 
out was a nightmare. 
Everyone wanted a 


the screen saver soft- 
ware. To get everyone 
on board, I let users vote on 
the screen saver images to dis- 
play and the timeout period. 

Eventually, we configured a 
Windows NT policy enforcing 
a 15-minute timeout and set 
the screen saver at log-in. Af- 
ter a week or so, I was sur- 
rounded by a sea of screen 
savers, all displaying the most 
popular corporate logo. This 
tiny part of the enormous task 
I faced in tying down security 
at my company was complete. 
It was the beginning of a cul- 
tural change toward accep- 
tance of security controls. 

Or so I thought. 


The Enforcer 

We recently migrated from 
Windows NT Server 4 to Win- 
dows 2000 with Active Direc- 
tory, which offers many cool 
security features, including 
the ability to apply policies to 
desktops periodically while a 
user is logged in. So I asked 
that our standard policy, in- 
cluding the screen saver time- 
outs, be deployed to desktops 
every hour. As everyone al- 


ready had the policy set by NT 


4 when they first logged in, I 


| take. 


didn’t expect it to be an issue. 
I soon discovered my mis- 
Many people had been 


| logging in and immediately 


changing the screen saver 
timeout period to suit their 


| work habits. The new enforce- 
| ment flushed them out. 
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| 


I expected to get a flood of 
people asking us to set the 
timeout to 999 min- 
utes. But the first to 
complain was a 
group of paranoid 
security freaks who 
were setting the 
timeout to one 
minute. They were 
terrified of walking away for a 
moment and leaving others to 


leap in and steal their sessions. | 


To set different policies for 
these users within Active Di- 


| rectory, however, we would 


have to move them into sepa- 


| rate organizational units. We 
| weren’t eager to split each of 
| Our current units into normal 





| and screen-saver-security- 


freak subgroups. 
Instead, I suggested that 


| these users hit the Ctrl-Alt-Del 
| keys and press Enter to lock 
| their screens when 


leaving 


| thought 

this disaster 
of enforcing an 

established 
policy was over. 
Then the CEO’s 
personal assis- 

tant phoned 

me... 





their desks, and I offered a few 


| memory-jogging techniques to 


help them remember to do so. 
I also encouraged them to 
form pacts with their nearest 


| co-workers to lock each oth- 
| er’s screens as needed. 


What About E-Mail? 


A second set of complaints 
came from our developers, 


| who have two machines: one 
| for writing code and one for 


e-mail and administrative 
work. They want to know 
when e-mail arrives while 
they are working on code, and 


| the screen saver timeouts have 
| been getting in the way. Since 


they are at their desks, no se- 
curity risk exists, but our sys- 


| tem has no way of telling 


whether a user is at his desk. 

I have one hope to save the 
day: Windows 2000 Server 
Resource Kit Supplement One, 
which is supposed to contain a 
transparent screen saver. This 
will stop anyone from modify- 
ing confidential information 
but will let the user see the 
arrival of new e-mail. This is 


| perfect for our developers, 


and it will also work nicely for 


| the few machines that display 
| monitoring statistics. There’s 


just one problem: Microsoft 
didn’t include the files on the 
CD-ROM. I’ve asked my con- 
tact at Microsoft to send them 
over, but he told me it could 
take some time. 

I thought this disaster of 
thoroughly enforcing a previ- 
ously established and ap- 


| proved policy was over. Then 


the CEO’s personal assistant 
phoned me and explained that 
the CEO didn’t want the 
screen saver either. “What if 
he goes away for a half-hour 
meeting? When he gets back, 
he'll have to log in again,” the 
assistant said. 

“Yes, that is the idea,” I 
replied. 

“Would you like to explain 
it to him yourself?” he coun- 








| and he 
| and locked doors. These phys- 


tered. Yes, I replied, and asked 


| him to set up an appoinment. 


I guess I should’ve been in- 
timidated by this suggestion, 
but I’ve met our CEO and he’s 
very reasonable. I was sure 
that once I explained every- 
thing, he’d be happy to keep 
the screen saver. His assistant 
didn’t want to give me that 
chance, however, and immedi- 
ately started phoning my man- 
agement chain, complaining 


| about me and asking for me to 
| be put back in my place. 


After much flapping and 


| several meetings, I was able to 


repair the damage. Apparently 
I'd been seen as arrogant by 
not doing exactly what the 


| CEO’s personal assistant 


wanted. In my experience, 
senior staff rely on personal 


| assistants for all IT services. 
| Perhaps this fellow had found 


himself having to walk into 


| the CEO’s office to unlock the 


screen every 15 minutes. 
We have a formal dispensa- 
tion process to get around 


| policies that don’t meet busi- 
| ness needs. In the end, the 
CEO said he was willing to fol- 


low that process in order to 
avoid having to enter the 
screen saver password a few 


| times a day, so now he doesn’t 
have a screen saver. One might | 
| say that this is silly, that it un- 
| dermines support for my 

| team, that it exposes his data 


to risk. After all, if it isn’t good 


| enough for him, it isn’t good 


enough for anyone, right? 

On the other hand, he’s not 
just anyone. His personal as- 
sistants guard the office well, 
has closed-circuit TV 


ical controls mitigate the risk 


| of someone gaining access. 


I'd thought the screen saver 


| battle had been won months 
| ago. But if the easy battles are 


this hard, what will the diffi- 


cult ones be like? D 


| WHAT DO YOU THINK? 


This week's journal is written by a real 
security manager, “Vince Tuesday,” whose 
name and employer have been disguised 
for obvious reasons. Contact him at vince 
tuesday@hushmail.com, or join the dis- 
cussion in our forum 


QuickLink: a1590 


To find a complete archive of our 
Security Manager's Journals, go online to 


@ computerworld.com/secjournal 
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VPN PROTECTION 


What message are you sending 
by protecting your VPN 
with a simple password? 


Too often, Virtual Private Networks are anything but private. With 
only a single password for protection, critical company data can 
be easily exposed for everyone to see. That can have damaging 
effects on you, your customers, your partners, 

even your bottom line. The RSA SecuriD* 
solution protects critical business data with 
two-factor authentication, securing your VPN 
and making it extremely difficult to hack. 
And because major VPN providers like CheckPoint, Nortel, 
Lucent, Cisco and dozens of others design their VPNs to work with 
RSA Security, you can be sure it will operate simply and flawlessly 
in almost any environment. And that means a lot less worrying 


about where your confidential information might show up. 


To receive your VPN Security Info Kit and to qualify for a 
FREE 25-User Trial of RSA SecurlID two-factor authentication, 


go to www.rsasecurity.com/go/vpn2-CW. Or call 1-800-495-1095. 


SECURITY 
The Most Trusted Name in e-Security” 





AUTHENTICATION a ENCRYPTION DIGITAL SIGNATURES 
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RSA Security, SecuriD and The Most Trusted Name in e-Security are registered trademarks or trademarks of RSA Security Inc., in the United States and/or other countries 
©2002 RSA Security Inc. All rights reserved 
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OUTSOURCING 
OVERHAULS 


Thorny problems nearly always 

crop up over the course of long- 

term outsourcing deals, but you 

don’t have to live with them. Re- 
negotiation is a viable and often 

successful option. PAGE 40 


TOOTING YOUR HORN 


Gaining control of their destiny 

is just one of many reasons why 
IT managers decide to market IT 
within the corporation. Marketing 
can dispel old images of IT asa 
data processing unit and create a 
new perception of it as an equal 
business partner. PAGE 42 


BEATING THE CLOCK 


A Harvard Business School re- 
search project shows that contrary 
to what some managers believe, 
time pressure doesn’t boost cre- 
ativity — it stifles it. Researcher 
Constance N. Hadley provides some 
tips to minimize the detrimental 
effects of tight deadlines. PAGE 44 


Fran Quittel counsels a reader in- 
terested in RFID, as well as a secu- 
rity professional who is trying to 
create a new security position at 
his company. PAGE 46 
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JOHN BERRY 


‘Turning a Profit on IT 


METRIC EVALUATING THE PERFORMANCE of IT is more 
than just a metric when it becomes a habit of mind for man- 
agers who ask such questions as, “How will this technology 
investment increase shareholder value?” Rare is the CIO who 
asks this question, unless that CIO happens to use economic 


value added (EVA), a financial performance measure. 

A trademarked term of global consulting firm Stern 
Stewart & Co., EVA’s provenance arises from eco- 
nomic thinking more than 100 years old, arguing that 
accounting profits — earnings — provide an incom- 
plete and sometimes misleading picture of a com- 
pany’s financial performance. The argument extends 
far beyond the alleged fraud and misrepresentation 
of Enron and WorldCom; honest companies with 
clean books will report earnings increases. But some 
times the full financial story isn’t as sunny. 

EVA is used to argue that capital deployed for 
any project or corporate strategy — including IT — 
isn’t free and that its cost must be discounted in the 
cost/benefit analysis of the particular investment. 
The economic argument is that unless a company 
earns a return beyond its cost of capital, it’s destroy- 
ing wealth for shareholders, not creating it. 

A company can be reporting solid earnings, yet 
the returns on capital deployed to generate those 
earnings are in a free fall. More dollars must be 
spent to generate lower returns on the investment. 
Earnings, the offspring of accounting, fail to reflect 
the wealth-generating or -destroying capacity of 
the company, which EVA, the monster child of eco- 
nomics, takes into consideration. The precise calcu- 
lation can be found at www.sternstewart.com under 
“About EVA.” 

Consider the implications to IT invest- 
ment assessment. A simple example: A 
$100,000 investment will produce quantifi- 
able benefits of $20,000. ROI is 20%. How- 
ever, this total overstates benefits because 
the capital costs aren’t included. Suppose 
the company’s cost of capital is 12%. A 
$12,000 (12% times the investment cost — 
in this case, $100,000) charge must be sub- 4 
tracted from the $20,000 “profit.” The EVA 
here is $8,000. This calculation works for 
any kind of IT investment. 

Using the same example, suppose the 
quantifiable benefits are $10,000, for a 10% 
ROI. The cost of capital is 12%. Here, the 
EVA is negative $2,000: $10,000 minus 


JOHN BERRY is an IT man- 
agement consultant and 
analyst in Bend, Ore. 
He's currently writing a 
book about the mea- 
surement of intangible 
assets. Contact him at 
vision@according2jb.com. 


| $12,000. This project destroys wealth. 


Under EVA, IT, the single largest asset base for 
some service firms, is held just as accountable for 
the generation or the destruction of wealth as any 
other capital investment, such as buildings, machines 
or research and development. (Under EVA, R&D is 
capitalized, not expensed. The reasoning is that R&D 
has the potential to generate future wealth beyond 
a company’s cost of capital.) Does a negative EVA 
mean that the company should take a pass on the 
project? Technically, yes. 

But as is the case with everything in IT, the real 
answer is more nuanced. Companies will sometimes 
invest in technology despite a negative EVA because 
the investment is necessary, and because many bene- 
fits are very difficult to quantify upfront. A domestic 
company transformed into a global player by virtue 
of acquisition needs an industrial-strength human 
resources system to replace an existing one that is 
less scalable and has far fewer administrative features 
— despite a negative EVA. 

Then why use it? Evidence has shown that EVA, 
when mapped to the proper employee compensation 
scheme, is a powerful motivational tool, a reminder 
to managers for the need to place focused, shrewd 
bets anytime company money is spent in service of 
operational or strategic goals. 

Unfortunately, it is unlikely that the EVA 
approach will work if implemented in the 
IT organization autonomously. EVA is de- 
signed to change the way managers think 
about the allocation of labor and capital to 
reach profitability goals across the entire 
organization. A company that doesn’t ac- 
knowledge EVA’s importance because it 
doesn’t use it — and there are many — will 
hardly be impressed by the IT manager 
who uses it during investment assessment. 

This isn’t to suggest that a CIO who 
has the ear of the boardroom can’t sug- 
gest taking the time and effort to embed 
EVA companywide. It might be one of the 
most valuable investment suggestions he 
can make. D 
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AFTER THREE YEARS at Johns Manville 
Corp., Tom Rideout has accumulated 
his share of war stories. 

He was recruited by the $2 billion 
Denver-based building materials sup- 
plier in 1999 to manage some IT out- 


sourcing contracts that were already in | 


place. Bad blood between the internal 
IT department and the vendors of 
those contracts had been brewing for 
years. It was Rideout’s job to make 
things right. 

“We’re talking about the wheels 
falling off,” Rideout recalls. The con- 
tracts were plagued by soaring out-of- 
scope costs, poor service and unmet 
objectives, he says. 

By 1998, two years before the finan- 
cials and logistics mainframe services 
outsourcing contract with Broomfield, 
Colo.-based (i)Structure Inc. was due 
to expire, (i)Structure had proposed 
a renegotiated contract that would 
climb from $3.8 million in the first year 
to $4.17 million in the fourth year. 
Rideout, however, negotiated a new 
contract with (i)Structure that went 
from $2.8 million to $2.2 million over 
four years, saving Johns Manville 
$4.77 million. 

“If you have a bad relationship, you 
don’t have to live with it,” he says. 
“There are things you can do about it.” 


Forging a Partnership 

But turning a large, troubled five- 
to 10-year outsourcing contract into a 
successful one requires that a client 
see both his and the vendor’s side of 
the equation. If the client can come up 
with an incentive for the vendor to 
renegotiate, such as a larger or longer 
contract, his chances of success are 
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ship, you don’t have to live with it,” 
says Johns Manville’s Tom Rideout. 
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Dallas-based outsourcing consultant. 

Based on his experience, Bendor- 
Samuel says clients often account for 
50% to 80% of the problems in out- 
sourcing contracts. For instance, a re- 
cent client outsourced its desktops to a 
vendor but kept its help desk, which is 
a key source of information about the 
state of all the company’s desktops, in- 
house. The client also told the vendor 
how to run its desktop environment. 

“You hire someone who’s better than 
you, then you rob them of that exper- 
tise by telling them how to do it,” says 
Bendor-Samuel. 


Perception Is Everything 

At Johns Manville, IT workers 
had spent years complaining about 
(i)Structure’s service. But when Ride- 
out decided to renegotiate the contract 
and began reviewing the facts, he saw 
that most of the service levels were 
being delivered. He also learned that 
many of the complaints being leveled 
by his own company’s IT employees 
weren't really legitimate. But he still 
couldn’t just walk away from them. 

Most of the complaints were “I 
wouldn’t have done it that way”-type 
comments, often from the people 
who did the work before and were re- 
assigned to other IT work after it was 
outsourced, says Rideout. So he had 
the IT workers help draft a list of ser- 
vice levels and then explained that if 
the levels were met, those workers 
would need to stop complaining to 
both management and the outsourcer 
and let (i)Structure’s employees do the 
work the way they saw fit. 

(1)Structure was pleased with the 
renegotiation because its contract, 
which was due to expire in a year, was 





extended for four more years, and the 
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company gained very clear, detailed 
service levels, says Craig Nelson, vice 
president of sales and service manage- 
ment at (i)Structure. “It’s all about ex- 
pectations,” says Nelson. 

But getting to the negotiation table 
wasn’t exactly easy, recalls Rideout. 

After agreeing to talk about a new 
contract, Rideout went back to 
(i)Structure with revised provisions 
for new service levels and penalties, as_ | 
well as a more competitive price. “I 
know they were surprised,” he says. “ 
was the first time they had seen a con- 
tract like that.” 

But he held his ground. He showed 
(i)Structure benchmarks from Everest 
Group that listed the prices of similar 
IT outsourcing contracts between oth- 
er clients and vendors. He said that at 
the end of the year, when the contract 
expired, he would put out a very de- 
tailed, competitive request for propos- 
als from other vendors. Rather than 
compete with other vendors, (i)Struc- 
ture negotiated for the new contract. 


Don’t Fear Change 

Rideout notes that it’s also impor- 
tant to know when to let go of a ven- 
dor. In a different deal where a vendor 
wasn’t willing to budge on price, Ride- 
out waited out the life of the contract, 
made the vendor compete for the new 
one and then outsourced only 15% of 
the company’s IT services to that ven- 
dor, awarding the remaining 85% to a 
competitor. 


1. Work with a reasonable-size con- 


tract. Signing a standard three- to five-page 
vendor contract can be the kiss of death, but a 
contract the size of a phone book can be just 
as damaging 

In an old contract between National Steel 
and SHL Systemhouse, there were 500 ser- 
vice levels, which jacked up costs and took a 
long time to track, says John Davis, vice presi- 
dent of IT at National. Now, under a contract 
with EDS, he works with about 40 perfor- 
mance indicators - about the same number 
he tracked when IT was run in-house 


2. Define service levels. Davis also 
warns against process-based service levels. 
Rather than telling the outsourcer how to 
do the job, explain the outcome you expect 
Otherwise, all the important service levels may 
be met, but the project can still fail to meet 
expectations. 

Davis also advises mixing up internal, exter- 
nal and other service levels to ensure satisfac- 
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contract. If you have termination 
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Speak to other clients to see 
if the outsourcer has a history of 
living up to contract terms. 


John Davis, vice president of IT, pur- 
chasing and engineering at $3 billion 
National Steel Corp. in Mishawaka, 
Ind., approached his contract problems 
differently, switching vendors before 
the first contract was up. 

“We wrote the case study on how 
not to do outsourcing,” says Davis. “It 
was a struggle, but we learned a lot.” 

In 1999, National Steel was outsourc- 
ing virtually all of its IT services to SHI 


tion from all perspectives. One approach is 

to use internal IT measures, such as system 
availability; external metrics, such as help desk 
response time; and customer satisfaction 
levels, which can be derived by sending out 
quarterly surveys to 50 randomly selected 
customers. 

Such qualitative metrics can be especially 
effective because they force vendors to devel- 
op relationships with end users rather than 
just meet quantitative service levels 


3. Review and modify service levels 
every year. Contracts should include a stip- 
ulation for annual review and modification of 
service levels, along with an expectation that 
those levels will improve over time, says Davis 
With the pace of change in IT, it's easy for ser- 
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Systemhouse Inc. Critical service levels, 


such as application availability and help 
desk first-call resolution, were continu- 
ally missed, and problems had been es- 
calating beyond control. National Steel 
and SHL had spent two years trying to 
shore up the relationship, but to no 
avail, according to Davis. 

Finally, National Steel put out a re- 
quest for quotes, terminated SHL’s 
contract in accordance with its clause 


vice levels to become outdated or obsolete 
For instance, National Steel has a mainframe 
services contract that once included a service 
level to measure tape mounts (the data stored 
on tapes). But when virtual storage came 
along and tapes became obsolete, Davis 
dropped it. 


4. Include adjustments for failing to 
meet service levels. IT managers need to 
devise consequences for missing service lev- 
els. Tom Rideout, senior manager of technolo- 
gy development at Johns Manville, reviews 
service levels monthly and bases financial 
penalties on a percentage of his outsourcing 
vendors’ monthiy revenues from their con- 
tracts with Johns Manville. Those penalties 
increase with each missed service level. 


for nonperformance and awarded the 
work to Plano, Texas-based Electronic 
Data Systems Corp. There was no con- 
tract kill fee involved. Rather, Davis 
says, National Steel invoked the termi- 
nation provision of its original contract. 

But switching vendors can be com- 
plicated and expensive, cautions Dean 
Davison, a Los Angeles-based out 
sourcing analyst at Meta Group Inc 
Companies aren't just turning over a 
piece of hardware or software; they’re 
turning over complex systems and 
processes. But as outsourcing matures 
and becomes more standardized, it 
may become easier for clients to 
switch vendors, he notes 

Also, as IT managers have learned 
that outsourcing is not a fix-all for 
their problems, and vendors have 
grown more flexible and customer 
centric, satisfaction levels have soared, 
Davison says. Judging from his work 
with clients, he says that about 75% of 
clients are reasonably satisfied with 
their outsourcing arrangements 

“Things aren't perfect,” says Davison. 
“But they’ve definitely improved.” D 


Solomon is a freelance writer in New 
York. Contact her at melissasolomon7 
@hotmail.com. 
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The contract also requires the outsourcer, 


(i)Structure, to determine why the level was 
missed and how to prevent the same problem 
in the future. That's a manpower drain, and 

as a result, (i)Structure has missed only a cou- 
ple of service levels in the past three years, 
says Rideout 

Davis likes to use what he calls “attention 
adjustments.” National's outsourcing contracts 
state that the first time a service level is 
missed, the vendor's account manager has to 
write a report explaining what happened and 
what he’s going to do about it. The next time, a 
vice president or regional manager has to pre- 
pare the report. 

The penalty-escalation clause affects high- 
level positions up to the CEO, says Davis. 
Making EDS's CEO fly out to National Steel to 
explain why a service level was missed would 
likely be far more effective at getting the ven- 
dor's attention than a $20,000 penalty, he 
says. To date, that hasn't happened. 

~ Melissa Solomon 
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Marketing IT | 
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users trust. | 
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Carison Hospitality 
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YEAR AGO, Catherine Brune 

realized that her IT group 

was being left out of the loop. 

“Our business partners 

would decide on some soft- 
ware, and we'd get stuck in the middle 
and know it was going to create havoc, 
but by then it would be too late,” says 
Brune, vice president of technical 
shared services/field support at All- 
state Insurance Co. in Northbrook, III. 
“We were never at the table. The busi- 
ness had already decided, and we'd be 
stuck trying to integrate it. We were 
letting the horse out of the barn way 
too often because we didn’t have a 
good connection with our 
business partners.” 

She decided it was time to 
do a little marketing. 

Gaining control of their 
destiny is just one reason IT 
managers market IT within 
the corporation. Marketing 
can dispel images of IT as a 
data processing department 
and create a new perception 
of it as an equal business 
partner. Marketing builds confidence 
in IT’s credibility, the key to getting 
things done. 

“If IT has credibility, I can get a deci- 
sion over the lunch table. If I don’t 
have it, it can take months,” says Den- 
nis Klinger, CIO at Florida Power & 
Light Co. in Juno Beach, Fla. 

Marketing also helps cus- 
tomers look back at the suc- 
cessful things IT has done. 

“It’s too easy to forget even 
major initiatives as time goes 
by, and those have a lifetime 
cost attached to them,” says 
Scott Heintzeman, CIO at 
Carlson Hospitality World- 
wide in Minneapolis. 

The goal of marketing is to 
integrate IT into the business, 
says Jean Holley, CIO at USG 


Jean Holley, ClO, 
USG Corp. 


Corp. in Chicago. “The [ideal] IT orga- 
nization is one where, in any kind of 
situation, the business people automat- 
ically think, ‘We should have IT here,’ 
rather than calling IT once they’ve got 
it all figured out,” she says. 

But marketing isn’t the same as sell- 
ing, Klinger notes. “It really has to do 
with good communication and educa- 
tion,” he says. “The business can put 
money into plants, equipment, sales 
forces and see quantifiable results. With 
some IT projects, it’s harder to see.” 

When they have to get buy-in on 
their priorities, successful CIOs market 
| to the CEO and other corporate deci- 
sion-makers, to key business 
customers and sometimes 
even to technologists. Re- 
gardless of who the audience 
is, take the message to them, 





Holley says. 

Holley takes her senior 
business partners to lunch or, 
if they don’t have time for 
that, to breakfast or early- 
morning coffee. She'll even 
share a car or train commute 

to get an hour with someone. “Let 

them talk about their day and why it’s 
out of control,” she says. “Then you get 

a real good feel of where their business 

challenges are.” 
| But don’t be a hero. Your marketing 

effort shouldn’t depend solely on you. 

“Make sure people in your organiza- 

tion can walk into the meetings and 

contribute,” Holley says. 

Brune recently delegated some mar- 
keting efforts to a group of business re 
lationship managers who are located 
with business units but report to her. 
“They know the business community’s 
needs and dreams,” she says. One, for 
example, is explaining how wireless 

| technology can support his business 
partner’s strategy. Another is helping 
to pull disparate call center technolo- 


| gies into one consolidated view. 
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Don’t forget to keep the top brass in- 
formed about the plans you make with 
business partners, Heintzeman says, or 
you may find yourself sucked into a 
project that’s not a corporate priority. 

When Holley or her group is pitching 
to her IT steering committee, they of- 
ten put on a “show and tell” of hands- 
on demos that involve the business 
side. “Sitting in meetings, you can get 
PowerPointed to death,” she says. “But 
it’s hard to go to sleep when you’re 
holding a wireless device and watching 
your own data appear on the screen.” 

As you fine-tune your marketing ef- 
fort, be aware that certain approaches 
can backfire. “Don’t look like you’re 
peddling systems,” says Klinger. “Make 
people understand this is for the good 
of company.” 

Do your homework, he suggests. 
Know exactly what you’re capable of, 
and don’t overpromise. “You really 
want to have your facts and tell the 
truth,” Klinger says. 

If you’re not well prepared and you 


| get called on something, it may look 


like you weren’t being candid. “You 


don’t want to be labeled as a snake oil 
| salesman,” he says. “Make sure you 


know how value is created in the com- 
pany and really focus on that.” 
And be careful about return on in- 


vestment claims, Heintzeman says. 


Most projects involve many parts of 


| the organization, and you have to share 





| 
| 
| 


| credit. “You're better off to remind the 


group what you've all accomplished,” 


| he says. “The best sound bite for IT is 


‘on time and on budget.’ ” D 


Melymuka is a Computerworld 
contributing writer. Contact her at 
kmelymuka@earthlink.net. 


Selling Points 


Some things ClOs can market include: 


= Milestones reached in long- 
term initiatives 


Cee eercereeeesessreseseseseeesees 


= Records of on-time and on- 
budget projects 


Peer eeereseseeseseesesesseenesees 


w Uptime for key systems 


m= Responsiveness of help desk 
and training efforts 


CeCe eee ee eeeeeeeseeseeeseseeeeee 


w New systems and services 


Cee Cero eeeerereeseeeeeeseseeeeee 


a IT’s ability to support business 
improvements 


| DO'S AND DON'TS 


| For more on how to market IT in-house, go to 


QuickLink: 31263 
www.computerworld.com 
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Beating the Clock 





Many IT people swear they do their 
most creative work under pressure. And 
many IT managers use pressure as a 
management technique, believing it will 
spur creativity. But research published 

in August’s Harvard Business Review 
indicates that the opposite may be true. 
Constance N. Hadley, a doctoral student 
in organizational behavior at Harvard 
Business School; Teresa M. 
Amabile, professor of busi- 
ness administration; and 
Steven J. Kramer, an inde- 
pendent researcher in Way- 
land, Mass., studied the 
relationship between time PTitaTt 
pressure and creativity by 
tracking daily diary entries 
made by 177 employees — 
many of them in IT — on 22 
different project teams. Hadley talked 
with Kathleen Melymuka about how 
time pressures in IT stifle creativity and 
what IT managers can do about it. 


Your research is all about creativity, so first, 


let’s define it. Broadly, we define cre- 
ativity as “novel and useful solutions 
to a problem.” For this project, we in- 
cluded diary mentions about coming 
up with insights, discovering some- 
thing, brainstorming, even clearly 
thinking about a problem. 


Time pressure is a huge issue in IT. Were 
many of your research subjects doing 
technology work? A substantial portion 
were software and hardware engineers 
and computer analysts, and one com- 
pany we studied was an IT consulting 
company. 


Creativity takes 

time. We use 

the analogy of 
juggling ideas. It takes 
time to come up with the 
balls to juggle in the air 
and time to juggle them. 


CONSTANCE N. HADLEY, DOCTORAL 
STUDENT, HARVARD BUSINESS SCHOOL 


| 
| 
i 
| 
: 


Bee oR uaa) 
Pe SMU 
discussions with 
authors of articles 

Ue 


CRC ieeealte ss 
Mer le 


are tricks to getting imagination to bloom 


Why do many IT managers think that people 
are more creative under time pressure? 
Our hypothesis is that people confuse 
eons with creativity. Research 

as shown that people do more things 
when they’re under time pressure. In 
our project, they worked longer hours 
and listed more in the “work done” 
category. But that’s not the same as 
actually being creative. 
Also, there’s the myth of 
divine inspiration: When 
the chips are down, people 
come up with brilliant solu- 
tions. But neither our study 
nor the biographies of cre- 
ative geniuses support that. 
Instead, creativity seems to 
be much more about a long 
process of playing with 
ideas and having time to work on 
them, taking some time away, then 
working on them some more. 


| So time pressure just doesn’t work? I don’t 
| want to say it never works. But typical 


conditions don’t foster it. Typically, it 


| feels more like a treadmill. 


Why does time pressure adversely affect 


| creativity? Creativity takes time. We use 


| the analogy of juggling ideas. It takes 

| time to come up with the balls to jug- 

| gle in the air and time to juggle them. 

| It takes time to explore solutions. Also, 





| it seems that in the decision-making 


process, under time pressure, people 


| shut down a lot of the breadth of cog- 


nitive thinking. They don’t explore as 


| many options as they should, and they 
| don’t pay sufficient attention to the 


negative aspects, so there’s a cognitive 


| dimension as well. 


But there are exceptions. What 
| makes for creative thinking under 
| the gun? We call that “on a mis- 


sion.” We found one of the biggest 


| things was a sense of focus, both men- 


tally and physically. 

We saw people on a mission 
sequester themselves with maybe 
one other person alone in a room 
for the day, or even work from 
home to give themselves the ability 


| Apollo 13 crew 





to be free from interruption and dis- 
traction. The second big factor is to 


| really buy into the importance of the 


mission. We use as an example the 

y and the support team 

in Houston [which created a life-saving 

solution under intense time pressure]. 
You really need to think what you 

are doing is worth the time pressure. 

It has to be meaningful and urgent 

enough for you to want to devote your 

time to it. 


And that’s not often the case? No. In 
contrast to that, we more often see 


| the treadmill, where deadlines seem 


arbitrary and imposed and don’t make 
any sense. 


The examples in the article seem to indicate 
an inverse correlation between creative 
work and group activity. Did you find 

that? People tended to work creatively 
by themselves or with one or two 
others. We think that’s because multi- 
ple people means multiple agendas 
are present, so you don’t have that 
focus. But it doesn’t necessarily mean 
large groups can’t be creative. Look 

at Apollo 13. 
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What can IT managers do to minimize the 
effects of time pressure on creativity? In 
the ideal world, avoid time pressure. 
That can’t be understated. In many 
cases in our study, the teams felt from 
the beginning that they were behind 
the eight ball and there was not 
enough time or resources to do what 
they had to do. In that situation, the 
best you can do is try to create a sense 
of urgency and allow the team mem- 
bers to find time to focus. There is 
research that shows that engineers 
who had a couple hours quiet time 
every week got more done. 


Is there anything an IT worker can do ina 
pressure-cooker project to foster his own 
creativity? If you can’t change the con- 
straints, follow the path many in our 
study took and protect your time as 
best you can. Some took early morn- 
ings away from other work. Some even 
hid in conference rooms where others 
couldn't find them. One disconnected 
the phone. There may be ramifications 
if the team needs your help, but if it’s 
the only way to solve a problem cre- 
atively, you might want to consider 

it. To the extent you can engage in 
problem solving and internalize the 
urgency, you’re more likely to have 
energy to put toward being creative. 
Melymuka is a Computerworld con- 
tributing writer in Duxbury, Mass. Con- 


| tact her at kmelymuka@earthlink.net. 
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Dear Career Adviser: 


I have a strong background in supply chain management 
and have been working mostly in the health care and 


pharmaceutical industry. I started out as a programmer 


and have worked as a systems 
integration consultant for 
warehouse tracking applica- 
tions. I am interested in wire- 
less and handhelds, and I have 
thought about RFID. Is this a 
good area to move into? 

RADIO FREQUENCY 


Dear Radio Frequency: 

RFID stands for radio fre- 
quency identification, a tech- 
nology that uses RFID tags, 
which act as responders that 
don’t require direct contact or 
line-of-sight scanning. Com- 
panies are using RFID in an 





WORK 


IT Is the 


 MANAGEMENT(: 


effort to improve bar-code 
technology to track, locate 


| and secure items in the supply 


chain, and to help with anti- 


| counterfeiting measures and 


security, says Paul Drzaic, vice 
president of Alien Technology 


| Corp., an RFID company in 


Morgan Hill, Calif. 
RFID holds promise in re- 


| ducing the cost of handling 


items. 
Jobs in RFID include inte- 
grated circuit designers, who 


| work on RFID tags; circuit 
| designers and RF engineers, 


who work with tag readers; 


| networking engineers, who 


STYLES 


‘lreasure 


At Capital One 


What are the most critical sys- 


tems supported by your depart- 


ment? “We design, build, 
operate and maintain the 


computer and telecom infra- 


structure that enables Capi- 
tal One to perform its cus- 
tomer-focused operations, 
such as customer care, the 
call centers and customer 
transactions. We provide 
end-user support on the 
desktop [and] back-end data 
warehouses and transaction 
processing systems.” 


Can you describe the pace of 
the work? “It’s pretty well 
balanced. We have things 
that are more planned and 
things that are more respon- 
sive to the business environ- 
ment. So it’s steady, with 
some interesting spikes.” 


: What might cause a spike? 
: “We might want to take ad- 
: vantage of a new window of 


: opportunity, like a marketing : 


: program that looks promis- 
: ing and that we want to 
: launch quickly.” 


: Can you describe the overall 


: culture of IT? “It’s very collab- 


: orative and entrepreneurial. 
It’s definitely an empower- 

: ing, fast-moving type of cul- 
: ture, where you have the 

i freedom to create. The com- 


enable readers to communi- 
cate via protocols such as 


TCP/IP or Blue- 

tooth; and data- 

| base applications 

developers, who 

tie massive 

amounts of data 

together. 

| For more infor- 
mation, check out 

| RFID Journal 

| (www.rfidjournal. 

com) and the Auto- 

ID Center (www. 

autoidcenter.org), 

| an industry-funded 

| research program. 





the business; there are no IT 
projects, just business proj- 

: ects. I've worked in other 

: places, and IT is ‘them’ and 

: business is ‘us,’ and it’s ab- 

solutely not like that here.” 
What do you like best about 


how career advancement and 
: training are handled? “As for 


Dear Career Adviser: 


I am working to create a 
position at my company as an 
information security officer. 
| Ihave worked here in IT for 
| over five years, as a manager 
of security administration, in 
| change management, IT audit- 
| ing and in project management 
of security projects. I have a 
bachelor’s in electronics engi- 
neering and a master’s in com- 
puter information manage- 

ment. I am working 
with the vice presi- 
dent of technology 
services, without 
much luck in con- 
vincing her of the 
need for this role. 
— WHAT’S NEXT? 





Dear Next: 


Although the 
Information Tech- 
nology Associa- 
tion of America in 
Arlington, Va., re- 


FRAN QUITTEL is an expert 
in high-tech careers and 
recruitment. Send 
questions to her at 
www.computerworld.com/ 
career_adviser. 


to make sure we have the 
right mix and depth of 
knowledge in the organiza- 
tion. We have dedicated 
technology training called 
ITU [Information Technol- 
ogy University], which fo- 
cuses on technology skills 
as well as curriculum that’s 
business-related.” 


: training and career advance- 


: pany expects you to perform; : 


: the bar is pretty high, with 
: challenging types of work. 
i “But it’s also rewarding. 
: You see the impact you're 

: having on the business, so 
: there’s a real sense of 

: achievement. We have a 

: strong identification with 


ment, it’s based on both the 
: things you need to be suc- 

: cessful from a competency 
: perspective, as well as what 
you need to do in your job. 

We've got 23 major compe- 
tencies [for which] we want 


What do you think makes your 
company’s IT department 
unique? “We do a lot in the 
community in terms of help- : 
ing folks build computing : 
infrastructures and helping 
them operate it. We put in a 


Capital One 
Financial Corp. 


Interviewee: Eric Davis, vice president 
of the technology services department 


Type of business: Credit card marketer 
Main location: Falls Church, Va. 


Number of IT employees: 1,200 in 
technology services; 2,400 in all of IT 
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| cently highlighted the impor- 


tance of IT security in its 
“Bouncing Back: Jobs, Skills 
and the Continuing Demand 
for IT Workers” study in May, 
security jobs are often ma- 
trixed and not broken out as a 
separate function. In fact, the 
study identified security is- 
sues as “most essential” for 
jobs involving network design 
and administration, which are 
less important for enterprise 
systems engineers and data- 
base administrators. 

However, both the size and 
type of employer appear to 
affect the career path of secu- 
rity professionals, with small 
and midsize IT companies 
employing about twice as 
many security professionals 
as non-IT companies. 

In other words, if you work 
at a large technology firm that 


| : 
develops and sells software or 


networking products, this is 
where your security expertise 
is most likely to be in highest 
demand. } 





computer and network infra- 
structure at the Sacred Heart 
Center, in a not-so-nice 
neighborhood in Richmond, 
that takes care of kids at risk. 
Kids can come in after 
school and have a place to 
work and get Internet access 
and be safe and learn.” 


What aspect of work do you 
look forward to each day? “The 
next challenge. Remember 
the American Tribute to 
Heroes telethon? Capital 
One, and specifically tech- 
nology services, put together 
the infrastructure for that 
telethon. We made the largest 
virtual call center in the 
world in less than four days, 
combining 77 call centers at 
different banks, and 7,000 
Capital One associates man- 
ning those call centers. That’s 
the company mind-set: 
There’s nothing we can’t 
achieve if we put our minds 
to that challenge. That’s what 
brings me in here each day.” 
~- Mary Brandel 
brandels@attbi.com 
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SEPTEMBER 18-20, 2002 


The Westin Santa Clara | Santa Clara, California 


You Have Heard the Promise. Now Hear the Reality. 


InfoWorld editors invite you to take a hard look at how Web services’ technology is affecting 
enterprise applications—from content management and collaboration to business process 
integration. Hear both challenges and success stories from the IT executives who are 
embracing Web services and from the technology experts whose products are fueling this 
new era of enterprise computing. 


Agenda topics include: 


> Enterprise Application Vendors Rise to Mobile Web Services 
the Challenge Mastering Asynchronous Web Services 
> Cross Application Business Process E-business ala Web Services 


Integration Understanding Web Services Management 
Services 
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www.infoworld.com/nextgen or (s66) 292-5805 
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Kirkland, WA 98033. 


gning & deve 
ptimizatio 
algorithrr for use in 
a medium sized sc 2 system 
Jedicated t 
investment 
management & capital m 
ment - thru technology. Ri 
sible for integrating optimizatior 
software into a strategic asset 
liability management system 
Req'd: M.S. degree in Maths. 
Engineering, CompScience or 
related w/2 yrs exp in the job 
offered or 2 yrs exp as Financial 
Optimization Systems Developer. 
Must have exp w/designing 
& developing Asset Liability 
Management (ALM) System 
Send res. to: Kim Sliva, General 
Reinsurance Corp, 695 East 
Main St, Stamtord, CT 06901 


W020902E/W/MW 


PeopleSoft has opportunities for technical 
and marketing professionals in California 
(Pleasanton, San Mateo, Santa Clara 
Encino, Irvine, and other locations), 
Bethesda, MD, Waltham, MA, Teaneck, NJ 
Atlanta, GA, Dallas, TX, Miami, FL and 
various other locations within the U.S. for 


Developers (0801) 

Consultants (0802) 

System Analysts (0803) 

Technical Support Analysts (0804) 
Project Managers (0805) 
Marketing Analysts (0806) 


For consideration, please send your 
resume to: PeopleSoft, Attn: Human 
Resources Manager, 2377 Gold Meadow 
Way, Suite 110, Gold River, CA 95670, 
fax: 916-631-1515. Please include the 
four digit code of the position(s) you are 
interested in on your resume or cover 
letter. We support workforce diversity. Visit 
our website at: www.peoplesoft.com 


PeopleSoft 


Sr Infrastructure Architect 
Conf mino & MS IliS 
y desktop & NOS 
MS Exchange 
backup & 

& application 


ement tools 


manag 
2 yr. exp in 
r analysis & 
ys admin & 
Microsoft Exchange Server 5.¢ 
Sr Data integration Architect: 


t from integration 


Royal Caribbean Cruise Lines 


Database Administrator 
lectronic Data Interchange (ED! 


industry leader located in Miami 


E 


Flor Requirements: Bachelor's 


Jiscipline); Two years of experi 
ence in tr ob offered or tw 

years of experience in a positior 
in purchasing, strategic sourcing 
management. Will consider ap: 
plicants with any suitable combi: 
nation of education, training 
or experience. Send resume 
to: Ms. Maria Diaz, Human Re 
sources Dept., Royal Caribbean 
Cruises Ltd., 1050 Caribbean 
Way, Miami, FL 33132. No 
phone calls please 


IT CAREERS 


Seeking qualified applicants for 
the following position in Memphis, 
TN: Technical Advisor. Provide 
technical advice and expertise to 
systems development project 
groups in defining, developing 
and reviewing existing, as well 
as proposed, applications for 
major computer systems. Re- 
quirements: Bachelor's degree* 
in computer science, math, MIS 
or related field plus 7 years of 
experience in systems/applica 
tions development, including 
programming. Experience with 
Visual Basic, SQL Server, and 
Server hardware also required 
“Master's degree in appropriate 
field will offset 2 years of general 
experience. Submit resumes to 
Chris Gibney, Federal Express 
Corporation, 2600 Nonconnah 
Bivd., Suite 191, M 

38132. EOE M/F/D/V 


Software Developers at various 
levels wanted by shipping and 
container co. in Tampa, Florida 
Must have a minimum of a 
Bachelor's degree in Eng 


Comp. Sci., or related field plus 


2 yrs. of development exp. and 1 


yr. of European Shipping Industry 


exp. Refer to Job #SDGD100 


Lykes Lines Limited, LLC 


Ships). 401 East Jackson St 
Suite 3300. Tampa. Florida 


33602 


Programmer/Analyst: Multiple 
openings in Tallahassee, FL to 
analyze & mode! application 

using Rational Rose. Program 
TCP/IP w/ Sockets & Winsock 
Administer ClearCase & Clear 

Quest. Create VOB's, Views 
Stream Rebasing Streams 
& Baselines of applications. De 

ploy Web applications on Linux 
Unix & Windows. Create Enter 

prise applications w/ JAVA/OO 
concepts, JSP, Serviets, HTML 

DB2 & UML. Req. Bachelor's or 
its foreign degree equiv in CS or 
ther engig field + 1 yr. exp. in 
job offered. Resume to: HR Mar 

ager, OmniSoft, Inc., 1265 Corr 
pass Pointe Crossing, Alpharet 
ta, GA 30005 


Programmer Analyst 
have Bach in Sci & 5 years 
isgng & devipg wet 


Applic 


Analytical services, CUBE 


Plains, NY 10601 


Web designing prc 
req: Multi Media 
w/Masters deg & 1 yr 
supervise in video & film pr 
juction, providing technical & 
artistic expertise with regards tc 
camera, audio, lighting, directing 
etc & supervision in Web site 
production, coordinating pr 
gramming, graphic & testing 
depts. Responsible for budgeting, 
scheduling & negotiating w 
nts. Travel to various client 
sites anywhere in US is required 
Reply to: Recruiter, Merlin 
Computers Inc, 805 third Ave 
28 fir. NY, NY 10022 


COMMUNICATIONS SPECIAL 
IST/END USER SUPPORT for 
Miami Bank-Confer w/systems 
engineers re testing & support 
end user problems for both US & 
Latin American personnel; Install 
& configure new end-users & 
operating systems. Min. req 
Bach in Electrical Engineering + 
2 yrs exp computer support 
in banking industry. Resume to 
Pacific National Bank, HR Dept. 
P.O. Box 012620 Miami, FL 


33101 


Programmer/Analyst (Frankfort 
KY): Plan, develop, test & docu 
ment client/server computer pro: 
gram. Develop windows based 
applications using VB & Report 
Generations using CRYSTAL 
REPORTS. Develop OLEDB 
Object linking & embedding 
Dynamic Database Exchange & 
COM technologies. 40 hr/wk 
Req. Bachelor's or its foreign 
degree equiv. based on educa 
tion and/or exp. in CS/Engg, MIS 
or other science/engg field 

2yrs exp. in job offered. Resume 
to: HR Mangr, Software Services 
& Resources, Inc., 3574 Old Mil 
ton Pkwy, Alpharetta, GA 30005 


Engineering System Analyst: De 
sign & code software for metal 
plate connected (MPC) wood 
trusses. Develop advanced truss 
system analysis methods to 
reduce wood used in truss 
systems. Perform joint & full-scale 
truss tests for ANSI standard dvip: 
mits. Req. MS or it's foreign degr 
equiv in Civ g + min. of tyr 
exp. in job described or tyr exp. in 
wood engineering research & pro 
gramming using C++, MFC, COM. 
Resume to: Engineering Manager 
TEE-LOK Corp., 818 Soundside 
Rd., Edenton, NC 27932 


Software Applications Engineer 
(Tampa, FL): Diagnose & solve 


vendor software 


5. Create re 
rk w/ Oracle 
jer Export me 
SQL, OEM, Net 
), Qdesigner, Er 
Net, Sun Soiaris 
trix Server. Req. Bache 
ts foreign degree equ 
3, C Engg, Civil En 
lated field + 2 yr exe 
fered. 40 hrs/wk. Resum 
»de FLO2, HR, Atex Media Ci 
mand, 15 Crosby Dr, Bedford 
MA 0173( 


Software Engineers, Programmers 
and Jr. Programmers 
Design, develop, test 
ment specialized applications in: (A) 
OAS, MTS, VB/ASP. IIS, XM 
XSL, Visual Interdev, SQL Server 
Oracle and related tools, Access 
and 3rd party utilities. (B) Financial 
applications with Oracle and relat 
ed tool Java, Pro*C, Erwin 
HPUX, SQL*Loader, Unix Shel 
Scripting. Prevailaing wage/bene 
fits. Experience required. To apply 
> for detailed info, send resume or 
ontact: Ratan Eluganti, enGenius 
Consulting Group, Inc., 3100 Breck 
enridge Bivd., Ste 100, Duluth, GA 
30096. EOE 


SYSTEMS ANALYST/PROGRA- 
MMER for telecommunications 

provider-Develop & 
implement software solutions: 
Research, design & develop 
software systems & analyze 
software requirements. Min 
Req. Bach in Comp. Sci +2 yrs 
exp. Resume to: Pay Smart 
America, Inc. HR Dept., 1500 
West Cypress Creek Road, Ste 


407, Ft. Lauderdale, FL 33309. 


Programmers, Jr. Programmers. 
Software Engineers (SCADA 
Apps.] Design, develop, test and 
implement specialized apps. in 
SCADA and related technolo: 
gies. prevailing wage/benefits 
Send resume to Attn: Mr. G.R 
Patel, G.R. Patel & Associates, 
Inc.; P.O. Box 1008, Waldorf, MD 
20604. EOE 


Technical Analyst wanted by a 
Telecommunications Services 
‘0. in Greenwood Village. CO. 
Must have a Bachelor's degree 
or equiv. exp.) in Information 
Mgnt. or related field plus 5 yrs 
of exp. as Technical Analyst 
ncluding Travel Technical exp 
with 3 yrs of product development 
exp. in assigned function variations 
& 3 yrs. of European Market exp. 
Refer to Job #5051, Bill Ramsey, 
5350 S. Valentia Way, Greenwood 


Village, CO 80111 


Programmer. Jr. position 
programming in ORACLE 
SQL, Microsoft Visual Basi 
C++ Visual FoxPro, 
Builder, JAVA, ASP & 
ript. Req: Bachelors ir 
9 Comp. Eng. 40 
hr/wk. Job/interview Site: Irvine. 
CA. Send resume to Forte-Gear 
International, Inc., 28C7 Barranca 


Pkwy, Irvine, CA 92606 


Software Engineers (Idaho Fé 
Design, develop, test and imple 
ment specialized multi-country 
multi-site, ERP and CRM appli 
caitons in JD Edwards One 
World XE and related toc 
XML, VB, SQL, and Windows 
MS, Sc./Engg. and 3 yrs. exp 
in job offered or BS, Sc./Engg 
and 5 yrs. progressive post 
baccalaureate exp. reqd. (or for 
eign equiv.) Prevailing wage 
benefits. Melaleuca, Inc., Attr 
Human Resources, 3910 South 
Yellowstone Highway, Idahc 
Falls, Idaho 83402. No phone 
calls please. EOE 
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Software Systems Engineer (Sr. 
QA Analyst): Req. min. MSCS + 
2 yrs s/w QA exper. Write test 
plans, test cases, & auto. test 
suites using Winrunner, WebTest 
TEAM, SQA Robot, load testing 
tools. Design, develop, test, de- 
bug computer s/w systems in- 
volving 0-0 technologies for fin 
apps. using C/C++, Visual C++ 
Windows, UNIX, algorithm 
analysis/design. Resolve com- 
plex system-level issues. ITG- 
SSI, Inc. Culver City, CA. Email 
resume w/cvt ltr addressing reqts 
to hr@itgssi.com Ref: 1122.21 


Assistant to Software Engineer. 
Assist S/W Eng. In programming 
& testing in Java & C++ for h/w 
product integration & s/w inter- 
face. Req: Bachelors in Com 
puter Sci., Electronics Eng., or 
Computer Eng. 40 hr-wk. Job In 
terview Site: LA, CA. Send 
resume to Mitratech, 3539 Motor 


Ave., LA, CA 90034 


IT careers and 

IT careers.com 
reach more than 
2/3 of all US IT 
workers every 
week. If you 
need to hire top 
talent, start by 


hiring us. 


Call your 

IT careers Sales 
Representative or 
Janis Crowley at 
1-800-762-2977. 


ITCAREERS 


where the best 
get better 


IT careers.com 
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Applications Programmer Lead Merc 
Responsible for developing 
modifying procedures required 
to solve complex problerr 
ing into consideration comp 
equipment and 
limitation, operating 
form of de: results. V 
responsible for program di 

cumMeEntati = 
elor's Degree o 
equivalent 
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Senior Technology Specialist 
(Los Angeles, CA area) - Manage 
development, implementation, & 
maintenance of utility software 
systems, w/ focus on operation 
management systems (OMS) 
processes. Utilize expertise 
in OMS technology to analyze. 
develop, & integrate OMS soft 
ware systems & technology 
mgmt. and support req's. Manage 
all project activities necessary to 
implement related systems & co. 
ordinate required tasks w/enter- 
prise info chnology. Integrate 
Graph Sys, Customer 
Info Sys, Workforce Management 
Sys, interactive Voice Response 
sys, & SCADA systems on various 
hardware platforms, OS, & 
RDBMS. Develop alternative 
sys. solutions & associated cost 
trade-offs for deploying OMS. 
inci. hardware, software, & com 
munications technology. Man: 
age development of backup & 
recovery scenarios. Oversee & 
manage acceptance testing & 
performance testing in enterprise 
envirc nt. Manage develop: 
ment of sys. operations, support 
& maintenance alternatives. 
& sys. backup and recovery 
scenarios. Req's Bachelor's 
degree in C.S., Eng'g, Info 
Systems, or rel. field (or equiv 
academic and/or work experi 
ence) plus development, imple- 
mentation & maintenance exp wi 

Apply by resume only 
to Project IVN-CW, Human 
Resources, Stone & Webster 
Consultants, 1430 Enclave 
Pkwy., Houston, TX 77077. An 
EOE 


Technology Architect to formulate 
and deliver application strategies 
for global CRM and Knowledge 
Management applications. Direct 
and implement various enterprise 
systems such as PeopleSoft 
CRM 8.4, B2B, B2C and other 
e-business system. Responsible 
for planning, overseeing the 
research, and evaluating the 
troduction of software applica- 
tions into the information systems 
environment while supporting 
the strategic business direction 
f the company. Masters Degree 
in Information Systems or Com: 
puter Science and 5 years of 
experience and resume to 
ACS International Resources 
Inc. Attn: Dir. Operations, 5 
Innovation Way, Newark, DE 


19711 


Software Engineer to Design 
Architecture, Engineer applica 
1g Epicentric Foundation 
Server 4.0, J2EE and XML tech: 
nologies. Engineer must have 
devel 2d enterprise software 
solutic for large corp 
users/commercial softwa 
ganizations. Experience in 
Epicentric FoundationServer 
4.0, Java, J2EE, XML/XSL and 
SQL technologies. Perform multi 
platform d using OO 
modeling and design using RUP 
and Six Sigma methodologies. 
Masters Degree in Computer 
Science and Three Years Exper 
ence. Send resume to Pyramid 
Consulting Inc. Attn 
Triangle Parkway, Suite 
Norcross GA 30092 


SENIOR SOFTWARE ENGI 
NEER to lead a team in the design 
Jevelopment, implementation. 
testing, maintenance and support 
of application software systems 
ssing Oracle, PL/SQL, C, C++ 
VC++, Visual Studio, Perl, Java 
EJB, XML, CORBA, TCP/IP. 
Socke Apache Web Server 
Ni 


nd Squid >t t nder 
and Squid Web Cache unde 


1 
Windows NT and UNIX operating 
Require: B.S. degree 

cience/Engineering 

ra closely related field with five 
years of progressively responsible 
experience in the job offered or 
as Programmer. Extensive trav 
el on assignments to various 
lient sites within the U.S. is re 
quired. Competitive salary of 
fered. Apply by resume to: Sud: 
hakara Ravoori, President, Sai 
Technical Services, Inc., 366 
Avaion Way, Brandon, MS 39047 


Attn: Job SG 


PROGRAMMER ANALYSTS 
required for Hickory Hills, IL 
office. Design & develop software 
applications using Developer 
2000, Designer 2000, VB, Oracle 
Cobol, C++ & Erwin; Develop & 
implement client/server applica 
tions in oracle financials using 
synchronization techniques such 
as PL/SQL, Developer 2000 & 
Designer 2000; Perform system 
& integration testing; Develop 
relational database system in 
oracle, VB & Windows, Unix 
environment. Bachelors Degree 
req'd in Computers, Engineering. 
math or any related field of study 
+2 yrs of related exp. 40 hrs/wk 
Must have proof of legal authority 
to work permanently in the U.S 
Send resume to HR Manager 
Compro Consulting Group, Inc 

8619 W 95th St., Hickory Hills, IL 
60457 


SOFTWARE ENGINEER to de- 
sign, develop and implement 
application software systems for 
the medical claims clearinghouse 
industry in a client/server envi- 
ronment using Object Oriented 
techniques, C, Visual Basic, Java 
Script, Java, SOL Server, Clipper 
and ASP on LAN, Windows and 
DOS operating systems. Require 
B.S. degree in Computer Science 
Engineering, or a closely related 
field with two years of experi 
ence in the job offered or as 
a Systems Analyst. Travel on 
assignment to various client 
sites within the U.S. is required 
Competitive salary offered. Apply 
by resume to: Felix Soto, Health 
logic Systems Corp., 6185-D 
Butord Hwy., Norcross, GA 
30071; Attn: Job SP. 


Vice President 
of Research & 
Development 


Forward resume to: 
e4eNet, 

Attn: Michele Monast, 
300 Crown Colony Drive, 
Quincy, MA 02169; 

Fax: 617-376-8825; 
E-mail: jobs@e4enet.com 


www.e4enet.com 


A position is available for a 
Senior Retail Point-of-Sale De 
ment Analyst with an Atlanta 
base technology solutions 
company. The company archi 
tects and designs next genera 
tion software for point-of-sale 
and Internet systems in the retail 
industry including entertainment 
petroleum with convenience or 
food stores, and restaurants. 
The Senior Retail Point-of-Sale 
Development Analyst is respon 
sible for combining knowledge 
of retail point-of-sale business 
functionality wit 
pment sk 
teara 


] 
alized ready we 
f-sale solutions 
andidates should possess 
ast five years’ experience 
software development in an 
international point-of-sale retail 
environment including two years 
n business analysis and project 
management 
Apply by mail t 
Christie LoCurtc 
3925 Brookside Parkway 
Alpharetta, Georgia 30022 


IT CAREERS 


IT PROJECT 
PROFESSIONALS 


Q DATA USA, INC. 


We are a leading company in pro- 
viding ERP consulting, network- 
ing, e-Business solutions and ap- 
plication development to Fortune 
500 corporations. We have multi 
ple openings for performance dri- 
ven IT professionals and Project 
Managers with the following skills 
SAP, .net, ASP, JAVA, HTML 
XML, Magic, VB, C++, Windows 
2000, XP, Exchange, MCSE, IBM 
WF, MVS/ESA, OS390, Win- 
dows, Windows NT, Sun, HP Unix 
DB2, VSAM, ADABAS, BTRIEVE 
ORACLE, C COBOL, NAT 
URAL, and JCL. Send resume to 
hr2 @qdatausa.com 


EOE 


JRD Systems, Inc has multiple 
openings for Software Eng 

Software Consultants, Program- 
mer Analysts, Acct Mgr, Project 
Managers, Program Manager 
(Business Development), Man 
ager (info. Systems), operations 
manager & project engineers 
Some positions req Bachelor's 
(or equiv.)while others req. Master's 
(cr equiv.jin C.S, MIS, Engg 
Math, Bus Admin or related field 
We will accept the foreign equiv. 
of the req'd edu. And/or its equiv. 
in edu. & exp. Exp. Required will 
depend on position. Send resume: 
HR, 42524 Hayes Rd, #100 
Clinton Twp, MI 48038 


[SS eee] 


Talent is 
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the new 
economy. 


Fill up 
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ITcareers. 


IT careers and 
IT careers.com 
can put your 
message in front 
of 2/3 of all US 
IT professionals. 
If you want to 
make hires, 
make your way 
into our pages. 
Call Janis 
Crowley at 
1-800-762-2977 
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Continued from page 1 


Web Services 


users were left with just as 
many questions as answers. 

“It confirmed to me that 
we’re not the only ones who 
are confused,” said Ensign, 
who gave a user presentation 
at the forum. “ 


security specialists who have 
been working on this problem 
are confused. We don’t yet see 
a clear story of what the secu- 


I think everyone | 
outside of the small groups of 





rity problems are, the frame- 
work for how the security will 


| be provided and how the indi- | 


vidual efforts fit together.” 

Kevin Cronin, 
cal architect at Niteo Partners 
Inc., a Boston-based services 
firm that’s owned by 
Corp., 


standards. And until the issues 


are resolved, he said, the use of | 


Web services may be limited at 
the retail banking level. 
Advanced 


security issues 


Defining Web Services 
is No Easy Task 


BOSTON 

One presenter at last week's XML 
Web Services One Conference 
drew a laugh when she told atten- 
dees, “Ask five people to define 
Web services and you'll get at 
least six answers.” 

Even though Web services has 
been one of the technology indus- 
try's hot buzzwords for some time, 
that doesn’t mean a clear and suc- 
cinct definition has emerged. 

Here's a sampling of definitions 
that were tossed out last week 

@ “Web services standards and 
technologies allow us to describe 
and deploy applications or ser- 
vices on a network in a consistent 
way so that they can be discov- 
ered and invoked in a secure and 
reliable manner. A Web service is 
an application that uses these 
standards and technologies.” 

- Bob Sutor, director of e-busi- 
ness standards strategy at IBM 

@ “What Web services are 
about is machine-to-machine 
communication. The base tech- 
nology is XML and XML schema. If 
we want to narrow it to what types 
of Web service specifications are 
you going to be most interested in 
supporting - obviously SOAP, 
WS-Security, XAMS [XML Key 
Management Specification].” 

- Phillip Hallam-Baker, chief 
scientist at VeriSign Inc. 

@ “Any application that expos 
es information processing or 
serves up information ina 
reusable data format using com- 


mon Web technologies.” 
- J.P. Morgenthal, chief services 
architect at Software AG 

@ “Web services are loosely 
coupled software components de- 
livered over Internet standard 
technologies. You must also use at 
least one of WSDL [Web Services 
Description Language], SOAP 
and/or UDDI [Universal Descrip- 
tion, Discovery and integration.” 
~ Daryl Plummer, an analyst at 
Gartner Inc. 

@ “To me, when we're talking 
about a Web service, we're talking 
about taking some kind of applica- 
tion or series of applications and 
being able to make them available 
to people using the Internet as the 
transport, as the communications 
mechanism between the applica- 
tion which is calling and the other 
application which is responding to 
the call and delivering informa- 
tion.” - Chet Ensign, senior direc- 
tor of architecture and develop- 
ment services at LexisNexis 

@ “It's important to cite SOAP. 
WSDL and UDDI as the core of any 
Web services definition, as they are 
the key protocols. | can create soft- 
ware to transport XML over a socket 
on the Internet, but is that an inter- 

operable Web service? No, it is not 
The most compeliing part of Web 
services is interoperability and the 
low technical barriers to entry, which 
are in turn driven by standards.” 

- Kevin Cronin, chief technical 
architect at Niteo Partners 
- Carol Sliwa 


chief techni- | 


NEC | 
said its clients in the fi- | 
| nancial services industry are | 
confused about the overlap of | 
some of the proposed security | 


| customers 
| service providers can afford to | 
1: . - - | 

implement their end of any of | 


| Stephen Whitlock, 
based enterprise security ar- | 
| chitect at The Boeing Co. “We | 
assurance that it’s | 
that we can | 
| government agency, who asked 


| need some 


| ward to the day 
| dards are finalized to address | 

| data security at the endpoints | 
| of a transaction, 
| Sockets 


‘NEWS 


such as rights management are | 
of great concern to financial | 
as to | 


services firms as well 


publishers such as LexisNexis, 


. : | 
which manages content from a | 
and | 


must control access to meet its | 


wide range of sources 


business obligations to its con- 


tent providers and customers. | 
Ensign said he now sees poten- | 
tial overlap among three stan- | 


dards — Security Assertion 
Markup Language, Extensible 
Access Control Markup Lan- 
guage and Extensible Rights 
Mz arkup Lang suage. 

“That’s an expensive prob- 


lem to solve if we have to in- 


} vent our own solution to every 
| single permissions issue as it 
Ensign said. He | 
added that if standards are im- | 
| plemented by 
| clear and consistent way, 


comes along,” 
vendors in a 


“our 
and 


these service bargains.” 


“Having been burned sever- | 


al times, I still need something 


| that’s multivendor and inter- | 
| operable and not driven by one 
or two vendors, even if they’re | 
agreed | 


really good ideas,” 


a Seattle- 


going to work, 


switch vendors if we need to.” 


| Seeking Standards 


Whitlock said he looks for- | 


Layer protects data 


| only during transmission. 


But standards are just one 


| piece of the Web services puz- 


zle. Gordon Coulson, 
architect working for Canada’s 


Fisheries & Oceans office in | 
British Columbia, | 
said addressing the technical | 


Vancouver, 


part may be easy compared | 


with getting people to agree on 


the best approach. 
| Coulson said he hopes he | 
agency to | 
consider using XML and SOAP 


can persuade the 





our external | 


| Opers use 


when stan- | 


since Secure | 


a systems 


Some of the key Web services security standards and pro- 
posed standards discussed at last week’s XML Web Services 


One Conference included: 


SAML (Security Assertion Markup Language) An XML-based stan- 
dard for ‘exchanging authentication and authorization information. 


WS-Security (Web Services Security) A proposed standard that aims 
to unify multiple security models and technologies and serve as the techni- 
cal foundation for Web services. Includes definition for a standard set of 
SOAP extensions, or message headers, that can be used to implement in- 
tegrity and confidentiality i in Web services applications. 


XML Signature XML syntax and) processing tules for creating and repre- 


senting digital signatures. — 


XML Encryption. A process for encrypting and decrypting digital contont 
(including XML documents and portions of them) and an XML syntax used 
to represent the encrypted content and the information that enables an in- 


tended recipient to decrypt it. 


XACML (Extensible Access Control Markup Language) An XML speci- 


fication for expressing policies for information access over the Internet. 


XRML (Extensible Rights Markup Language) Provides a universal 
method for securely specifying and managing rights and conditions associ- 
ated with resources such as digital content and services. 


XKMS (XML Key Management Specification) Sanpliies the usage, 
distribution and management of the keys necessary to create a trust infra- 


structure. 


to get its disparate legacy sys- | 


tems to talk to one another. 


Right now, the agency’s devei- | 


a variety of tech- 
nologies, including Java, Mi- 
crosoft Corp.’s .Net and Mac- 
romedia Inc.’s ColdFusion. 

An IT specialist at a U.S. 


that she not be named, said 


that she’s investigating Web 
services to help with data inte- 


[The forum] 
confirmed to 
me that we’re 

not the only 
ones who are 

confused. 


CHET ENSIGN, LEXISNEXIS 


gration of disparate enterprise 
resource planning systems. But 
right now, 
skills are in Cobol and Power- 
Builder. 

“They 


vices being easy,” 


her agency’s chief 


talk about Web ser- 
she said. “But 
the reality is it requires an en- 
tirely different set of skills from 
the ones that we're used to.” 

The complexity of the prob- 
lem that Web services aim to 
address wasn’t lost on some 
participants. With layers of 
standards continually being in- 
troduced, some users are mov- 
ing forward cautiously. 

“They say the infrastructure 
is simple to build. I’m not con- 
vinced yet,” said David Rizzo- 
lo, a project manager for portal 
technologies at Novartis Phar- 
maceuticals Corp. in East 
Hanover, NJ. 

Patrick Gannon, president 
and CEO of OASIS, advised 
companies to participate in pi- 
lots now so they will be ready 
to do more extensive projects 
as Web services standards ma- 
ture over the next two years. D 
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‘Transformed 


T’S LABOR DAY, SO LET’S TALK ABOUT the future of IT 
work. Maybe that doesn’t sound like something with much of 
a future. These days, unemployment among IT people in the 
U.S. is right up there with the overall unemployment rate. 
There’s lots of talk that corporate IT staffs will remain gutted 
even after the economy recovers. And as IT is squeezed until it’s 
unable to do anything but the most basic janitorial functions — fix 
leaks in the plumbing, patch up the broken Windows — is the fu- 
ture of work in IT shops a painful downward spiral into irrelevance? 


Maybe. But I’m betting on transformation. 

After all, every time someone has predicted 
the demise of what IT people do — by way of 
automation, outsourcing, downsizing or some 
magic technology bullet that’s supposed to 
make IT professionals obsolete — something 
has always happened to change the game and 
make IT more critical than ever. 

Remember, minicomputers were supposed 
to put data processing in the hands of depart- 
mental users and wipe out the data center. So 
were PCs. Packaged enterprise applications 
were going to make big programming projects 
obsolete. Fourth-generation programming lan- 
guages were going to be so easy to use, no one 
would need programmers at all. Simplified sys- 
tems designed for lights-out operation would 
make systems administrators a thing of the 
past. Easy-to-use software would make the help 
desk unnecessary. 

So, what happened? Client/server happened, 
that’s what — and LANs, Windows, the Web, 
terabyte data warehouses, global e-commerce 
and the realities of SAP and Siebel implemen- 
tations. Instead of becoming irrelevant, IT 
shops just become more and more essential. 

Once, IT’s job was to provide data to help 
run the business, run networks to 
collect that data and write pro- 
grams to process that data. IT peo- 
ple still do that. 

But now IT also builds Web sites 
to sell products, manages wireless 
communications to support sales- 
people, links suppliers to warehous- 
es and customers via real-time sup- 
ply chains, distributes human re- 
sources information on intranets 





That’s no coincidence. Business used to run 
on information — the data in data processing. 
Now business runs on communications — with 
suppliers and customers, and between sales 
and manufacturing and executive management, 
all on the networks and systems IT builds and 
maintains. The more the business depends on 
the communications technology IT provides, 
the more essential IT becomes. 

And in the future? Business will run on 
change. And IT’s work will be transformation: 
rapidly reconfiguring processes to let users 
adapt to changing markets, supply conditions, 
customer needs and business requirements. 

Sure, IT does that now. But it will all have to 
happen faster and more effectively. That’s 
where the competitive edge will come from: 
IT’s ability to execute on the need to transform 
the business. 

To do that, IT itself will have to be trans- 
formed. Some IT practices and job titles will 
go the way of punched cards, Cobol and green 
screens. Programming may not survive as we 
know it, but applications will be updated con- 
tinually to solve more business problems more 
effectively. Automated operations will let IT 
efforts shift to dealing with network capacity 
and security issues. And support 
will focus on preventive mainte- 
nance of both systems and users, 
because there will be no time for 
bugs, confusion or other help desk 
problems. 

That’s the future of IT work. If 
you love the job you have today, 
you may not like it. If you fear 
change, you'll hate it. 

But unless someone comes up 
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OK, So Now What? 


Sysadmin pilot fish isn’t making much headway over 
the phone with the user who paged him about a balky 
system - user keeps complaining he can’t hear. Exas- 
perated user tells fish, “This would be a lot easier if the 
alarms were off. | can’t hear you over the sound of the 
running water.” What running water? asks fish with 
sudden dread. “The water running down from the leak 
in the ceiling. There's water all over the floor, and the 
alarm has been beeping since | came in a couple of 
hours ago. OK, so I've got the machine shut down. 


Now what?” 


How Do You 
Think He 
Feels? 
Please come and 
bring your key- 


: the office one Saturday. 
: As he fixes the minor 

: problem on the sales- 

: man’s PC, fish asks 


help desk pilot fish. “1 
have this semicomatose 
fly under my P,” user 
says. “He landed on my 
keyboard, | hit him with 


my steno pad, and he fell : 
between the P and the ;; : 
keys. He is still alive, and : 


his little legs keep flut- 
tering, and it’s really 
grossing me out. By the 


time you get here, he will : 


be dead. However, | do 
not think | can be very 
productive if | have to 


a fly corpse under it.” 


Just Shut Up 

New temporary contract 
IT manager trying to in- 
gratiate himself by chat- 
ting with a pair of data 
center pilot fish tells 
one, “1 @#$%! hate con- 
tractors!” From fish's 
reaction, the manager 
realizes he’s talking to 

a contractor. Then he 
turns to the other fish, 
not knowing he’s a long- 
time employee. “But I'll 
tell you one thing, con- 
tractors are much more 
skilled and motivated 
than any of the locals 
you'll find here.” 


Bother? 


BA Fuahiis ealer- 

_ man ambushes 
support pilot 

fish who has stopped by 


: fish. Why didn’t you call 
: it in before? “I didn’t 
need to use the PC on 

: Friday,” shrugs sales- 

: man, “so | didn’t bother 
: to call.” 

type on a keyboard with : 


: Ready, Aim... 

: At this university data 

: center in the early 

: 1970s, students facing 
: times pound on the glass 
: wall to prompt system 

: operator pilot fish to run 
: their decks of punched 
: cards. “There was lots of 
: spare time back then,” 
: Says fish, “and one eve- 
: ning shift | was using 

: that spare time to clean 
: arifle.” So when one 

: Student in a hurry 

: pounds on the glass, fish 
: turns toward him - with 
: rifle in hand. Says fish, 
: “I didn’t see him for the 
; rest of the semester.” 


FEED THE SHARK Send your true tale of IT life to 


sharky@computerworld.com. You snag a snazzy 
Shark shirt if we use it. And check out the daily feed, browse 
| the Sharkives and sign up for Shark Tank home delivery at 
computerworld.com/sharky. 
1 


FRANK HAYES, Computer- 
world’s senior news colum- 
nist, has covered IT for more 
than 20 years. Contact him at 
frank_hayes@computerworld.com 


and enforces sexual harassment with a more effective way to en- 
policies with Internet filters. 
IT used to do data. Now IT does 


business. 


able business transformation, bet- 
ter plan on having IT — trans- 
formed — around for a long time. DB 
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PowerConnect™ 3024* Switch 
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